Synopsis: Important: libsoup security update
Advisory ID: SLSA-2017:2459-1
Issue Date: 2017-08-15
CVE Numbers: CVE-2017-2885
—
Security Fix(es):
* A stack-based buffer overflow flaw was discovered within the HTTP
processing of libsoup. A remote attacker could exploit this flaw to cause
a crash or, potentially, execute arbitrary code by sending a specially
crafted HTTP request to a server using the libsoup HTTP server
functionality or by tricking a user into connecting to a malicious HTTP
server with an application using the libsoup HTTP client functionality.
(CVE-2017-2885)
—
SL7
x86_64
libsoup-2.56.0-4.el7_4.i686.rpm
libsoup-2.56.0-4.el7_4.x86_64.rpm
libsoup-debuginfo-2.56.0-4.el7_4.i686.rpm
libsoup-debuginfo-2.56.0-4.el7_4.x86_64.rpm
libsoup-devel-2.56.0-4.el7_4.i686.rpm
libsoup-devel-2.56.0-4.el7_4.x86_64.rpm
– Scientific Linux Development Team
