openslp-2.0.0-8.el7
エラータID: AXSA:2019-4405:01
OpenSLP is an open source implementation of the Service Location Protocol (SLP) which is an Internet Engineering Task Force (IETF) standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks.
Security Fix(es):
* openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution (CVE-2019-5544)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Update packages.
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
N/A
SRPMS
- openslp-2.0.0-8.el7.src.rpm
MD5: f4255eaeee26aae3d0c74c7ea8a81619
SHA-256: d4f0904e0d43e4b7dcb5bb7577f7116e42757275142164599eb0788bdc026305
Size: 5.13 MB
Asianux Server 7 for x86_64
- openslp-2.0.0-8.el7.x86_64.rpm
MD5: d086d271fb15a873a8b93c5019559e5e
SHA-256: 5fe6a5e2ef00f690801fd8142824f7bf475c0c65c0bcf040fb4efe467ae12c03
Size: 324.84 kB - openslp-server-2.0.0-8.el7.x86_64.rpm
MD5: 724144bc12429f6bd1169bbb22bb97fa
SHA-256: 4ebf643310d9db058031207e33570f356ba602c44ecb7112926f8c0214f57bae
Size: 74.43 kB - openslp-2.0.0-8.el7.i686.rpm
MD5: fe5b3c134b737da25cfe710bf8b387ee
SHA-256: 3dae1a490ecabc234ebf8daa505d0086d749d711a9c9663413de079804aaac63
Size: 325.72 kB