Synopsis: Low: rest security update
Advisory ID: SLSA-2015:2237-3
Issue Date: 2015-11-19
CVE Numbers: CVE-2015-2675
—
It was found that the OAuth implementation in librest, a helper library
for RESTful services, incorrectly truncated the pointer returned by the
rest_proxy_call_get_url call. An attacker could use this flaw to crash an
application using the librest library. (CVE-2015-2675)
After installing the update, all applications using librest must be
restarted for the update to take effect.
—
SL7
x86_64
rest-0.7.92-3.el7.i686.rpm
rest-0.7.92-3.el7.x86_64.rpm
rest-debuginfo-0.7.92-3.el7.i686.rpm
rest-debuginfo-0.7.92-3.el7.x86_64.rpm
rest-devel-0.7.92-3.el7.i686.rpm
rest-devel-0.7.92-3.el7.x86_64.rpm
– Scientific Linux Development Team
