A flaw was found in the way GNUstep's gdomap (GNUstep Distributed Objects nameserver) handled logging. A remote attacker could send a crafted request to gdomap that would cause gdomap to abort. This issue affects version 1.24.6 and earlier versions. Upstream bug: https://savannah.gnu.org/bugs/?41751 Upstream patch: http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Tools/gdomap.c?r1=37756&r2=37755&pathrev=37756 References: http://seclists.org/oss-sec/2014/q2/143
Created gnustep-base tracking bugs for this issue: Affects: fedora-all [bug 1089858] Affects: epel-6 [bug 1089859]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.