Hi,

I made an official version which includes the fix.
http://ftp.gnu.org/gnu/osip/libosip2-5.3.1.tar.gz

Best Regards,
Aymeric

Le mer. 12 oct. 2022 à 17:39, Salvatore Bonaccorso <car...@debian.org> a
écrit :

> Source: libosip2
> Version: 5.3.0-2
> Severity: important
> Tags: security upstream
> Forwarded: https://savannah.gnu.org/bugs/?63103
> X-Debbugs-Cc: car...@debian.org, Debian Security Team <
> t...@security.debian.org>
>
> Hi,
>
> The following vulnerability was published for libosip2.
>
> CVE-2022-41550[0]:
> | GNU oSIP v5.3.0 was discovered to contain an integer overflow via the
> | component osip_body_parse_header.
>
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2022-41550
>     https://www.cve.org/CVERecord?id=CVE-2022-41550
> [1] https://savannah.gnu.org/bugs/?63103
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
> Salvatore
>
>

-- 
Antisip - http://www.antisip.com

Reply via email to