SUSE Package Hub - openSUSE-2020-816

Update Info

openSUSE-2020-816

Security update for libntlm

Type: security

Severity: moderate

Issued: 2020-06-13

Description:

This update for libntlm fixes the following issues:

Update to release 1.6:

* CVE-2019-17455: Fixed a buffer overflow in buildSmbNtlmAuth* function.  (boo#1153669)


This update was imported from the openSUSE:Leap:15.1:Update update project.

References

CVE: CVE-2019-17455
Bugzilla: 1153669 VUL-1: CVE-2019-17455: libntml: stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.

Packages

libntlm-1.6-bp151.4.3.1