Upstream information

CVE-2016-4478 at MITRE

Description

Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding.

SUSE information

SUSE Bugzilla entry: 978170 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE Tumbleweed
  • atheme >= 7.2.7-1.1
  • atheme-devel >= 7.2.7-1.1
  • libathemecore1 >= 7.2.7-1.1
Patchnames:
openSUSE Tumbleweed GA atheme-7.2.7-1.1