Package name
socat
Date
2014-02-14
Advisory ID
MDVSA-2014:033
Affected versions
MBS1 x86_64

Problem description

A vulnerability has been discovered and corrected in socat:

Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and
2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial
of service (segmentation fault) via a long server name in the
PROXY-CONNECT address in the command line (CVE-2014-0019).

The updated packages have been upgraded to the 1.7.2.3 version which
is not vulnerable to this issue.

Updated packages

MBS1 x86_64

 556abad28fdb5cc80a15ff69790f4487  mbs1/x86_64/socat-1.7.2.3-1.mbs1.x86_64.rpm 
 4174e565e7144f2e37712c97163e8292  mbs1/SRPMS/socat-1.7.2.3-1.mbs1.src.rpm

References