File _patchinfo of Package patchinfo.4662
<patchinfo incident="4662">
<issue id="1034574" tracker="bnc">VUL-0: CVE-2016-10324: libosip2: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osi...</issue>
<issue id="1034571" tracker="bnc">VUL-0: CVE-2016-10326: libosip2: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osi...</issue>
<issue id="1034570" tracker="bnc">VUL-0: CVE-2017-7853: libosip2: In libosip2 in GNU oSIP 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg...</issue>
<issue id="1034572" tracker="bnc">VUL-0: CVE-2016-10325: libosip2: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _os...</issue>
<issue id="2016-10326" tracker="cve" />
<issue id="2016-10324" tracker="cve" />
<issue id="2016-10325" tracker="cve" />
<issue id="2017-7853" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>oertel</packager>
<description>
This update for libosip2 fixes several issues.
These security issues were fixed:
- CVE-2017-7853: In libosip2 a malformed SIP message could have led to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS (bsc#1034570).
- CVE-2016-10326: In libosip2 a malformed SIP message could have led to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS (bsc#1034571).
- CVE-2016-10325: In libosip2 a malformed SIP message could have led to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS (bsc#1034572).
- CVE-2016-10324: In libosip2 a malformed SIP message could have led to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c (bsc#1034574).
</description>
<summary>Security update for libosip2</summary>
</patchinfo>