Mehrere Probleme in libmicrodns
ID: | 202005-10 |
Distribution: | Gentoo |
Plattformen: | Keine Angabe |
Datum: | Fr, 15. Mai 2020, 07:18 |
Referenzen: | https://nvd.nist.gov/vuln/detail/CVE-2020-6071
https://nvd.nist.gov/vuln/detail/CVE-2020-6078 https://www.videolan.org/security/sb-vlc309.html https://nvd.nist.gov/vuln/detail/CVE-2020-6080 https://nvd.nist.gov/vuln/detail/CVE-2020-6077 https://nvd.nist.gov/vuln/detail/CVE-2020-6073 https://nvd.nist.gov/vuln/detail/CVE-2020-6079 https://nvd.nist.gov/vuln/detail/CVE-2020-6072 |
Applikationen: | libmicrodns |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --xRN5yXCilV4OZ6fIGi0EeJfVXV651LDCm Content-Type: multipart/mixed; boundary="rYNHMPfnflHtUjq1jGP8feo4j8QEFupZ5" --rYNHMPfnflHtUjq1jGP8feo4j8QEFupZ5 Content-Type: text/plain; charset=utf-8 Content-Language: en-U Content-Transfer-Encoding: quoted-printable - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202005-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libmicrodns: Multiple vulnerabilities Date: May 14, 2020 Bugs: #714606 ID: 202005-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in libmicrodns, the worst of which could result in the arbitrary execution of code. Background ========== libmicrodns is an mDNS library, focused on being simple and cross-platform. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/libmicrodns < 0.1.2 >= 0.1.2 Description =========== Multiple vulnerabilities have been discovered in libmicrodns. Please review the CVE identifiers and the upstream advisory referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All libmicrodns users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/libmicrodns-0.1.2" References ========== [ 1 ] CVE-2020-6071 https://nvd.nist.gov/vuln/detail/CVE-2020-6071 [ 2 ] CVE-2020-6072 https://nvd.nist.gov/vuln/detail/CVE-2020-6072 [ 3 ] CVE-2020-6073 https://nvd.nist.gov/vuln/detail/CVE-2020-6073 [ 4 ] CVE-2020-6077 https://nvd.nist.gov/vuln/detail/CVE-2020-6077 [ 5 ] CVE-2020-6078 https://nvd.nist.gov/vuln/detail/CVE-2020-6078 [ 6 ] CVE-2020-6079 https://nvd.nist.gov/vuln/detail/CVE-2020-6079 [ 7 ] CVE-2020-6080 https://nvd.nist.gov/vuln/detail/CVE-2020-6080 [ 8 ] VideoLAN-SB-VLC-309 https://www.videolan.org/security/sb-vlc309.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202005-10 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 --rYNHMPfnflHtUjq1jGP8feo4j8QEFupZ5-- --xRN5yXCilV4OZ6fIGi0EeJfVXV651LDCm Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAEBCgB9FiEEExKRzo+LDXJgXHuURObr3Jv2BVkFAl69xKNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDEz MTI5MUNFOEY4QjBENzI2MDVDN0I5NDQ0RTZFQkRDOUJGNjA1NTkACgkQRObr3Jv2 BVla6Af+JP6NW1WD8Hq4MZ0ZgCAViOjdEunfLJazOSdnd6Gt8EPMVaDm23tj1phS cVspACCs8ZYR9WNS2pqIwdPP2RmTd7ObuvDLyvZqM8w/tWARbZ1n3rcdPCwW5dbu jwBST8kpDHCagvRYpJqxnW+5/HI16k+LC3byFcxoBCu2W0DaJXHraQBqccW/+P5j rofRN+PeKKsZ2NHMg78l9SXDQKRfeMnXjNtr2jkp7K0yHy8VBbDQ8N9LQ7TAILhk 5klZFJDsdJHz0ous6DrCIrdLIGlHA25nmW2j9T97i/J7WZQ4GJEg9HSS7iDaat75 5+TNNSJOxU2I5ZNxzbSzZLPQEUyHnA== =e0Up -----END PGP SIGNATURE----- --xRN5yXCilV4OZ6fIGi0EeJfVXV651LDCm-- |