Upstream information

CVE-2020-35573 at MITRE

Description

srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in an SRS address.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1180251 [NEW]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
  • postsrsd >= 1.11-bp152.4.3.1
Patchnames:
openSUSE-2021-669
openSUSE Leap 15.2
  • postsrsd >= 1.11-lp152.4.3.1
  • postsrsd-debuginfo >= 1.11-lp152.4.3.1
  • postsrsd-debugsource >= 1.11-lp152.4.3.1
Patchnames:
openSUSE-2021-646