Package name
openslp
Date
2013-04-10
Advisory ID
MDVSA-2013:111
Affected versions
MBS1 x86_64

Problem description

Updated openslp packages fix security vulnerability:

The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows
remote attackers to cause a denial of service (infinite loop) via a
packet with a next extension offset that references this extension
or a previous extension (CVE-2010-3609).

Updated packages

MBS1 x86_64

 e863b5cd954a8e357b4d302080bcf2b3  mbs1/x86_64/lib64openslp1-1.2.1-12.1.mbs1.x86_64.rpm
 bf3fb47883d845a0db1e860b9974f990  mbs1/x86_64/lib64openslp1-devel-1.2.1-12.1.mbs1.x86_64.rpm
 2773736d0111632d0406a3a13ab6b14b  mbs1/x86_64/openslp-1.2.1-12.1.mbs1.x86_64.rpm 
 9e8e79a76684f70dffb8817762ce6193  mbs1/SRPMS/openslp-1.2.1-12.1.mbs1.src.rpm

References