SUSE-SU-2016:0343-1

See a problem?
Please try reporting it to the source first.

Source

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2016:0343-1

Related

Published

2016-02-05T09:11:34Z

Modified

2016-02-05T09:11:34Z

Summary

Security update for socat

Details

This update for socat fixes the following issues:

CVE-2013-3571: Fix a file descriptor leak that could have been misused for a denial of service attack against socat running in server mode (bsc#821985)
CVE-2014-0019: PROXY-CONNECT address was vulnerable to a stack buffer overflow (bsc#860991)
Fix a stack overflow in the parser that could have been leveraged to execute arbitrary code (bsc#964844)

References

Affected packages

Name: socat
Purl: purl:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.0.0-1.18.2

{
    "binaries": [
        {
            "socat": "1.7.0.0-1.18.2"
        }
    ]
}

Name: socat
Purl: purl:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.0.0-1.18.2

{
    "binaries": [
        {
            "socat": "1.7.0.0-1.18.2"
        }
    ]
}

Name: socat
Purl: purl:rpm/suse/socat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.0.0-1.18.2

{
    "binaries": [
        {
            "socat": "1.7.0.0-1.18.2"
        }
    ]
}