Scientific Linux Security Update : libsoup on SL4.x, SL5.x i386/x86_64
High Nessus Plugin ID 60547
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionAn integer overflow flaw which caused a heap-based buffer overflow was discovered in libsoup's Base64 encoding routine. An attacker could use this flaw to crash, or, possibly, execute arbitrary code. This arbitrary code would execute with the privileges of the application using libsoup's Base64 routine to encode large, untrusted inputs.
All running applications using the affected library function (such as Evolution configured to connect to the GroupWise back-end) must be restarted for the update to take effect.
SolutionUpdate the affected packages.