Mailinglist Archive: opensuse-bugs (3349 mails)

< Previous Next >
[Bug 978170] VUL-0: CVE-2016-4478: atheme: security fixes
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 03 May 2016 08:13:07 +0000
  • Message-id: <>

--- Comment #2 from Sebastian Krahmer <krahmer@xxxxxxxx> ---
Multiple security issues were found in Atheme, an IRC services package

Description: A remote attacker could change Atheme's behavior by
registering/dropping certain accounts/nicks.

Use CVE-2014-9773. We don't completely understand issues/397. We think
"This is rejected for Atheme, please consider reporting it to a
downstream fork instead" means that the vulnerability report was
originally rejected, but that decision was reconsidered many months

Description: Under certain circumstances, a remote attacker could cause
denial of service due to a buffer overflow in the XMLRPC response
encoding code.

Use CVE-2016-4478.

You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >