Debian Security Advisory
DLA-137-1 libevent -- LTS security update
- Date Reported:
- 26 Jan 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 774645.
In Mitre's CVE dictionary: CVE-2014-6272.
- More information:
The libevent library was vulnerable to a potential heap overflow in the buffer/bufferevent APIs.
For Debian 6
Squeeze, these issues have been fixed in libevent version 1.4.13-stable-1+deb6u1
This update was prepared by Nguyen Cong who used the upstream-provided patch. Thanks to them!