Mandriva Linux Security Advisory - A vulnerability was found in the SILC toolkit before version 1.1.5 that allowed a remote attacker to cause a denial of service (crash), or possibly execute arbitrary code via long input data. A vulnerability was found in the SILC toolkit before version 1.1.7 that allowed a remote attacker to execute arbitrary code via a crafted PKCS#2 message. The updated packages have been patched to correct these issues.
a6246e638af0f7a654428976717fba9322b2f95dd97b095178a6710a2f14b6cb
Gentoo Linux Security Advisory GLSA 200804-27 - Nathan G. Grennan reported a boundary error in SILC Toolkit within the silc_fingerprint() function in the file lib/silcutil/silcutil.c when passing overly long data, resulting in a stack-based buffer overflow. Versions less than 1.1.7 are affected.
c557c30f29c0f4d1061cf1d2c155c8d080bd5855a83bc9d1cbe8d1d1f91c09da