libsoup-2.56.0-4.el7
エラータID: AXSA:2017-2107:01
Libsoup is an HTTP library implementation in C. It was originally part
of a SOAP (Simple Object Access Protocol) implementation called Soup, but
the SOAP and non-SOAP parts have now been split into separate packages.
libsoup uses the Glib main loop and is designed to work well with GTK
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the Gtk programming model (a synchronous operation mode is also
supported for those who want it).
CVE-2017-2885
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
Update packages.
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.
N/A
SRPMS
- libsoup-2.56.0-4.el7.src.rpm
MD5: 5f75624a267db03283e36049c8bcaf13
SHA-256: 8e36e20f9c161594060b0d8e62621c9996df344bde33451acf2d53c14539fe39
Size: 1.77 MB
Asianux Server 7 for x86_64
- libsoup-2.56.0-4.el7.x86_64.rpm
MD5: 774974f811f2683add75073cb67f9c60
SHA-256: bf8c7504283b40e7722129a8a8b84e7d9c941f38a7abbfb2d11f6c630d1077df
Size: 397.22 kB - libsoup-devel-2.56.0-4.el7.x86_64.rpm
MD5: b62ca37b74f69008c9ad75cde0a52d7c
SHA-256: 9f8a972d4f83f6196f71dadfbdb89038bd20f64f894125665ca085a6902c1aee
Size: 318.11 kB - libsoup-2.56.0-4.el7.i686.rpm
MD5: 5d3dad66316cbeed8561163a6554a543
SHA-256: adee1f9ec10e1c88322c6f2c399167ed4825cc1135fb71578501c3c6c3eb319d
Size: 383.83 kB - libsoup-devel-2.56.0-4.el7.i686.rpm
MD5: 77b700d75e3a61aa3c161afc0a3a9f89
SHA-256: 8f6c2783c75aaa96594232ee4e88c90bee430e25e4b3a07dfa21f37e4a3e4f72
Size: 318.13 kB
日本語