From Mageia wiki
MGASA-2012-0156
Date: | July 10th, 2012 |
Affected releases: | 1, 2 |
Description:
Updated openconnect packages fix security vulnerability:
Heap-based buffer overflow in OpenConnect before 3.18 allows remote
servers to cause a denial of service via a crafted greeting banner
(CVE-2012-3291).
Updated Packages:
Mageia 1:
openconnect-3.02-1.1.mga1
openconnect-static-devel-3.02-1.1.mga1
Mageia 2:
openconnect-3.15-2.1.mga2
lib(64)openconnect1-3.15-2.1.mga2
lib(64)openconnect-devel-3.15-2.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3291
http://www.infradead.org/openconnect/changelog.html
http://www.debian.org/security/2012/dsa-2495
https://bugs.mageia.org/show_bug.cgi?id=6504