[3.7] gsoap: Stack-based buffer overflow when receieving XML message with size larger than 2GB (CVE-2017-9765)
A buffer overflow can cause an open unsecured server to crash after 2GB
(greater than 2147483711 bytes
to trigger the software bug)) XML message is received.
Fixed In Version:
gsoap 2.8.48
References:
https://www.genivia.com/advisory.html
http://openwall.com/lists/oss-security/2017/07/19/7
(from redmine: issue id 7569, created on 2017-07-20, closed on 2017-08-04)
- Relations:
- parent #7568 (closed)
- Changesets:
- Revision 5ff3c059 by Natanael Copa on 2017-07-24T13:13:37Z:
community/gsoap: security upgrade to 2.8.50 (CVE-2017-9765)
fixes #7569