Red Hat Bugzilla – Bug 1316640
Please update to 4.1.1 to fix an security bug.
Last modified: 2016-03-11 07:13:52 EST
Description of problem:
Security update: libotr version 4.1.1
Versions 4.1.0 and earlier of libotr in 64-bit builds contain an integer overflow security flaw. This flaw could potentially be exploited by a remote attacker to cause a heap buffer overflow and subsequently for arbitrary code to be executed on the user's machine.
CVE-2016-2851 has been assigned to this issue.
Please upgrade to libotr version 4.1.1 immediately.
Users of libotr packages in Linux and *BSD distributions should see updated packages shortly.
This security release includes the following updates:
Fix an integer overflow bug that can cause a heap buffer overflow (and from there remote code execution) on 64-bit platforms
Fix possible free() of an uninitialized pointer
Be stricter about parsing v3 fragments
Add a testsuite ("make check" to run it), but only on Linux for now, since it uses Linux-specific features such as epoll
Fix a memory leak when reading a malformed instance tag file
Protocol documentation clarifications
Version-Release number of selected component (if applicable):
All packages were already pushed before this email was created :)
*** This bug has been marked as a duplicate of bug 1315247 ***