Updated libmms packages fix security vulnerability: The libmms library before 0.6.4 is vulnerable to a buffer overflow in get_answer() in src/mmsh.c. It may be triggered via an overly long line of a MMSH (MMS over HTTP) server response, effectively overflowing the buffer which has a static size (CVE-2014-2892).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | libmms | < 0.6.2-3.1 | libmms-0.6.2-3.1.mga3 |
Mageia | 4 | noarch | libmms | < 0.6.2-4.1 | libmms-0.6.2-4.1.mga4 |