CVE-2017-17833

Published: 23 April 2018

OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
openslp-dfsg
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.2.1-11ubuntu0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.2.1-9ubuntu0.3)
Patches:
Upstream: https://sourceforge.net/p/openslp/mercurial/ci/151f07745901cbdba6e00e4889561b4083250da1/