An integer overflow vulnerability occurs when comparing int and size_t variable types, triggered by receiving messages larger than 4GB. This can cause a buffer overflow that could lead to code execution. Product bug: https://bugzilla.redhat.com/show_bug.cgi?id=1315247
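The bug class described above, shown as an added example (not libotr's code, and not taken from this bug report): a size_t length narrowed to int before a bounds check, next to a full-width check. BUF_CAP, the function names and the sample lengths are hypothetical, and the example assumes a target where size_t is 64-bit and int is 32-bit.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Assumption: LP64 target (64-bit size_t, 32-bit int), so lengths above 4 GiB exist. */
_Static_assert(sizeof(size_t) > sizeof(int), "example assumes size_t wider than int");

#define BUF_CAP 64  /* hypothetical destination buffer size */

/* Before: the size_t length is narrowed to int, then compared.
 * The conversion keeps only the low 32 bits (implementation-defined;
 * modulo 2^32 on GCC and Clang), so 4 GiB + 16 is checked as 16. */
static int check_narrowed(size_t msg_len)
{
    int len = (int)msg_len;
    return len >= 0 && (size_t)len <= BUF_CAP;  /* 1 means "fits" */
}

/* After: compare in size_t, with no narrowing before the check. */
static int check_full_width(size_t msg_len)
{
    return msg_len <= BUF_CAP;
}

/* For call sites that must pass an int to an older API:
 * refuse the value instead of truncating it. Returns 0 on success. */
static int size_to_int(size_t n, int *out)
{
    if (n > (size_t)INT_MAX)
        return -1;
    *out = (int)n;
    return 0;
}

int main(void)
{
    /* Constructed lengths only; nothing is allocated or copied. */
    size_t lens[] = { 16, BUF_CAP, BUF_CAP + 1, (size_t)UINT_MAX + 17 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        int as_int = 0;
        printf("len=%zu narrowed=%d full=%d to_int=%d\n", lens[i],
               check_narrowed(lens[i]), check_full_width(lens[i]),
               size_to_int(lens[i], &as_int));
    }
    return 0;
}
```

Building with -Wconversion and -Wsign-compare flags implicit narrowing and mixed-sign comparisons of this kind at compile time.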
This is now public: https://lists.cypherpunks.ca/pipermail/otr-users/2016-March/002581.html
Created libotr tracking bugs for this issue:
Affects: fedora-all [bug 1316261]
Affects: epel-all [bug 1316263]
Created libotr3 tracking bugs for this issue:
Affects: fedora-all [bug 1316262]
Affects: epel-all [bug 1316264]
External references: http://seclists.org/oss-sec/2016/q1/568
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.