(RHSA-2007:0208) Low: w3c-libwww security and bug fix update

2007-05-01T04:00:00
ID RHSA-2007:0208
Type redhat
Reporter RedHat
Modified 2017-09-08T11:56:13

Description

w3c-libwww is a general-purpose web library.

Several buffer overflow flaws in w3c-libwww were found. If a client application that uses w3c-libwww connected to a malicious HTTP server, it could trigger an out of bounds memory access, causing the client application to crash (CVE-2005-3183).

This updated version of w3c-libwww also fixes an issue when computing MD5 sums on a 64 bit machine.

Users of w3c-libwww should upgrade to these updated packages, which contain backported patches to correct these issues.