Bug 21497

Summary: libsoup security vulnerability CVE-2017-2885.
Product: Mageia Reporter: Zombie Ryushu <zombie_ryushu>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://www.debian.org/security/2017/dsa-3929
Whiteboard:
Source RPM: libsoup CVE: CVE-2017-2885
Status comment:

Description Zombie Ryushu 2017-08-11 10:23:28 CEST 
Aleksandar Nikolic of Cisco Talos discovered a stack-based buffer overflow vulnerability in libsoup2.4, a HTTP library implementation in C. A remote attacker can take advantage of this flaw by sending a specially crafted HTTP request to cause an application using the libsoup2.4 library to crash (denial of service), or potentially execute arbitrary code.
Zombie Ryushu 2017-08-11 10:25:33 CEST

CVE: (none) => CVE-2017-2885

Comment 1 Zombie Ryushu 2017-08-11 10:28:34 CEST 
I Forgot to see that there was already a bug reported on this. By about an hour.

*** This bug has been marked as a duplicate of bug 21487 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE