[3.3] libotr: Integer overflow when receiving messages bigger than 4GB (CVE-2016-2851)
Versions 4.1.0 and earlier of libotr in 64-bit builds contain an
integer
overflow security flaw. This flaw could potentially be exploited by a
remote attacker to cause a heap buffer overflow and subsequently for
arbitrary code to be executed on the user’s machine.
Upgrade to libotr 4.1.1
References:
https://lists.cypherpunks.ca/pipermail/otr-users/2016-March/002581.html
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2016-2851
(from redmine: issue id 5256, created on 2016-03-10, closed on 2016-06-15)
- Relations:
- parent #5255 (closed)
- Changesets:
- Revision 6a1dcabc on 2016-03-11T14:15:39Z:
main/libotr: upgrade version to 4.1.1 due to CVE-2016-2851
fixes #5256
(cherry picked from commit 719fd59bc6e33da1a3fb549e6c4fa24848c34e91)