RHSA-2015:2237-03 -- Redhat restID: oval:org.secpod.oval:def:501679 | Date: (C)2015-11-25 (M)2023-02-20 |
Class: PATCH | Family: unix |
The rest library was designed to make it easier to access web services that claim to be RESTful. A RESTful service should have URLs that represent remote objects, which methods can then be called on. It was found that the OAuth implementation in librest, a helper library for RESTful services, incorrectly truncated the pointer returned by the rest_proxy_call_get_url call. An attacker could use this flaw to crash an application using the librest library. All users of rest are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, all applications using librest must be restarted for the update to take effect.
Platform: |
Red Hat Enterprise Linux 7 |