Overview

File _patchinfo of Package patchinfo.2150

<patchinfo incident="2150">
  <issue id="969785" tracker="bnc">VUL-0: EMBARGOED: CVE-2016-2851: libotr,libotr2: Integer overflow vulnerability</issue>
  <issue id="CVE-2016-2851" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>vitezslav_cizek</packager>
  <description>
This update for libotr fixes the following issue:

- Apply "libotr-CVE-2016-2851.patch" to fix integer overflows that
  used to occur on 64-bit architectures when receiving 4GB messages.
  This flaw could potentially have been exploited by an attacker to
  remotely execute arbitrary code on the user's machine
  * (CVE-2016-2851, bsc#969785)
</description>
  <summary>Security update for libotr</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places