Lucene search
DebianDEBIAN:DLA-2025-1:D045EHistoryDec 08, 2019 - 12:51 p.m.
[SECURITY] [DLA 2025-1] openslp-dfsg security update
2019-12-0812:51:22
lists.debian.org
133
Package : openslp-dfsg
Version : 1.2.1-10+deb8u2
CVE IDs : CVE-2017-17833 CVE-2019-5544
The OpenSLP package had two open security issues:
CVE-2017-17833
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related
memory corruption issue which may manifest itself as a denial-of-service
or a remote code-execution vulnerability.
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap
overwrite issue. VMware has evaluated the severity of this issue to be in
the critical severity range.
For Debian 8 "Jessie", these problems have been fixed in version
1.2.1-10+deb8u2. This upload was prepared by Utkarsh Gupta
<[email protected]>.
We recommend that you upgrade your openslp-dfsg packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Regards,
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 8 | amd64 | slptool | < 1.2.1-10+deb8u2 | slptool_1.2.1-10+deb8u2_amd64.deb |
| Debian | 8 | armel | libslp-dev | < 1.2.1-10+deb8u2 | libslp-dev_1.2.1-10+deb8u2_armel.deb |
| Debian | 8 | i386 | slpd | < 1.2.1-10+deb8u2 | slpd_1.2.1-10+deb8u2_i386.deb |
| Debian | 8 | i386 | slptool | < 1.2.1-10+deb8u2 | slptool_1.2.1-10+deb8u2_i386.deb |
| Debian | 8 | armhf | slpd | < 1.2.1-10+deb8u2 | slpd_1.2.1-10+deb8u2_armhf.deb |
| Debian | 8 | armel | libslp1 | < 1.2.1-10+deb8u2 | libslp1_1.2.1-10+deb8u2_armel.deb |
| Debian | 8 | all | openslp-dfsg | < 1.2.1-10+deb8u2 | openslp-dfsg_1.2.1-10+deb8u2_all.deb |
| Debian | 8 | amd64 | libslp-dev | < 1.2.1-10+deb8u2 | libslp-dev_1.2.1-10+deb8u2_amd64.deb |
| Debian | 8 | amd64 | slpd | < 1.2.1-10+deb8u2 | slpd_1.2.1-10+deb8u2_amd64.deb |
| Debian | 8 | armel | slpd | < 1.2.1-10+deb8u2 | slpd_1.2.1-10+deb8u2_armel.deb |
Related
nessus
nessus
Debian DLA-2025-1 : openslp-dfsg security update
2019-12-09 00:00:00
GLSA-202005-12 : OpenSLP: Multiple vulnerabilities
2020-05-15 00:00:00
Scientific Linux Security Update : openslp on SL7.x x86_64 (20180723)
2018-07-24 00:00:00
osv
osv
openslp-dfsg - security update
2019-12-08 00:00:00
openslp-dfsg - security update
2018-04-25 00:00:00
openslp-dfsg vulnerability
2021-04-19 19:28:33
gentoo
gentoo
OpenSLP: Multiple vulnerabilities
2020-05-14 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2025-1)
2019-12-09 00:00:00
Debian: Security Advisory (DLA-1364-1)
2018-04-26 00:00:00
Fedora Update for openslp FEDORA-2018-05acd3c734
2018-07-20 00:00:00
ibm
ibm
Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by OpenSLP vulnerability (CVE-2017-17833)
2019-01-31 02:40:01
Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in OpenSLP (CVE-2017-17833)
2023-04-14 14:32:25
Security Bulletin: A vulnerability in OpenSLP affects PowerKVM
2018-12-17 14:25:02
centos
centos
openslp security update
2018-08-09 15:08:57
openslp security update
2018-07-25 16:10:16
openslp security update
2020-01-28 21:23:29
prion
prion
Remote code execution
2018-04-23 18:29:00
Heap overflow
2019-12-06 16:15:00
fedora
fedora
[SECURITY] Fedora 28 Update: openslp-2.0.0-18.fc28
2018-07-19 18:06:13
[SECURITY] Fedora 30 Update: openslp-2.0.0-22.fc30
2019-12-18 15:17:11
[SECURITY] Fedora 31 Update: openslp-2.0.0-23.fc31
2019-12-18 01:55:51
cve
cve
lenovo
lenovo
OpenSLP Heap Memory Corruption - Lenovo Support US
2019-01-12 21:23:09
OpenSLP Heap Memory Corruption - US
2018-04-26 15:03:00
oraclelinux
oraclelinux
openslp security update
2018-07-31 00:00:00
openslp security update
2018-07-23 00:00:00
openslp security update
2020-01-22 00:00:00
f5
f5
K13314257 : slpd vulnerability CVE-2017-17833
2018-09-26 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:24:30
Remote Code Execution (RCE)
2019-12-17 00:16:18
suse
suse
Security update for openslp (important)
2018-07-14 03:08:08
Security update for openslp (important)
2018-09-24 12:11:41
redhatcve
redhatcve
ubuntucve
ubuntucve
CVE-2017-17833
2018-04-23 00:00:00
CVE-2019-5544
2019-12-06 00:00:00
redhat
redhat
(RHSA-2018:2308) Important: openslp security update
2018-07-31 17:16:30
(RHSA-2018:2240) Important: openslp security update
2018-07-23 13:12:36
(RHSA-2019:4240) Critical: openslp security update
2019-12-16 09:01:28
amazon
amazon
Important: openslp
2018-08-21 17:11:00
Critical: openslp
2019-12-16 18:45:00
debian
debian
[SECURITY] [DLA 1364-1] openslp-dfsg security update
2018-04-25 20:20:59
mageia
mageia
Updated openslp packages fix security vulnerability
2018-08-18 01:27:23
Updated openslp packages fix security vulnerability
2020-02-09 22:13:40
cbl_mariner
cbl_mariner
CVE-2019-5544 affecting package openslp 2.0.0-26
2024-04-03 00:40:51
CVE-2019-5544 affecting package openslp 2.0.0-25
2022-12-09 01:51:00
cisa_kev
cisa_kev
vmware
vmware
attackerkb
attackerkb
CVE-2019-5544 — ESXi OpenSLP remote code execution vulnerability
2019-12-06 00:00:00
CVE-2020-3992 — ESXi OpenSLP remote code execution vulnerability
2020-10-20 00:00:00
ubuntu
ubuntu
OpenSLP vulnerability
2021-04-19 00:00:00
OpenSLP vulnerabilities
2018-07-09 00:00:00
symantec
symantec
OpenSLP CVE-2019-5544 Heap Memory Corruption Vulnerability
2019-12-06 00:00:00
checkpoint_advisories
checkpoint_advisories
VMWare OpenSLP Heap Buffer Overflow (CVE-2019-5544; CVE-2021-21974)
2020-02-26 00:00:00
rapid7blog
rapid7blog
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Vmware Horizon Daas
2020-12-01 13:49:26
Exploit for Out-of-bounds Write in Vmware Horizon Daas
2021-02-04 15:15:22
qualysblog
qualysblog
DarkSide Ransomware
2021-06-09 15:00:00
securelist
securelist
Cyberthreats to financial organizations in 2022
2021-11-23 10:00:13
IT threat evolution Q1 2021
2021-05-31 10:00:37
Related for DEBIAN:DLA-2025-1:D045E