DSA-1748-1 libsoup -- integer overflow
|ID: oval:org.secpod.oval:def:600350||Date: (C)2011-05-13 (M)2017-11-27|
|Class: PATCH||Family: unix|
It was discovered that libsoup, an HTTP library implementation in C, handles large strings insecurely via its Base64 encoding functions. This could possibly lead to the execution of arbitrary code. For the oldstable distribution , this problem has been fixed in version 2.2.98-2+etch1. The stable distribution is not affected by this issue. The testing distribution and the unstable distribution are not affected by this issue. We recommend that you upgrade your libsoup packages.