-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : gsoap Version : 2.8.7-2+deb7u1 CVE ID : CVE-2017-9765
A vulnerability was discovered in gsoap, a library for the development of SOAP web services and clients, that may be exposed with a large and specific XML message over 2 GB in size. After receiving this 2 GB message, a buffer overflow can cause an open unsecured server to crash. Clients communicating with HTTPS with trusted servers are not affected. For Debian 7 "Wheezy", these problems have been fixed in version 2.8.7-2+deb7u1. We recommend that you upgrade your gsoap packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAll2SDRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTn5RAApK9Yl6Zo6+cZuEVGwh926FvJBoCXNUnziaIx5JB/OJ+9mag/fDVlQPXz Zm4bYCy1v+nnxoEDlUf1mATIc8BR+vwKZlB1D2II8K3Fmetj57Gad8QIMj8x2RLk kqWvJByJ6ztggNTJpeHYDFhY/P12v8HwcETDlBnKzPWqEm0pnRLFyiPZJM/HAFx+ NV8rY0Qz7s2wfaLgU6jpb5Hbh4B4AYHJgpsuJ3okxXAv+gc4S0KAEgdQM6/w4yGU DS7sZMJiwPT7Qv8mFzH112HrSXfI6IXM2nA0IBtb1ySPybWqAzaY9aRtRcvD31uD qrT6LHpzVcHCmqNP8q9hBpCp+VcIZ1zsayQEamdZ3AXRrzR7pfBZeiJQUp7qOW95 MVNTDqhKI+fmuMiJWaZza4Ecn8SJeyRPkkw6NRh+0ByfSLNWxNUrR3IaNJUi8nK+ 3XENZz/EGApAdZYItvqZX0AOdgkl1sfTesyVlxzXUdGFCiLrljxhiXyUGw1pDbVF ExxDnXcxFdnPGA18fzIiaOSJrjT4wZnbdde+tFbDNnQgrjdws/xfRy9l2ttygmVI hknH+qPhLgiTb46uLVPd17TcQbcIVwI2DRgwqlgZhDf+3on8rNzIWaTJhD2Ol/Rw iVKkZCydphEmROyXg9yz4ctH2+8/Gq6yMu6yoHY7gdtEQhjBBVM= =gvoM -----END PGP SIGNATURE-----
