duplicate port description, system name, or system description TLV
and trigger a memory leak. The vulnerability does not allow
arbitrary code execution. This bug is present since the initial
- release. It has been fixed in commit [a8d3c90f][] and in version
- 1.0.8.
+ release. It has been fixed in commits [a8d3c90f][] (1.0.8), and
+ [7d60bf30][] (1.0.9)
* [CVE-2015-8011][]: buffer overflow when handling management address
TLV for LLDP. When a remote device was advertising a too large
[dd4f16e7]: https://github.com/lldpd/lldpd/commit/dd4f16e7e816f2165fba76e3d162cd8d2978dcb2
[793526f8]: https://github.com/lldpd/lldpd/commit/793526f8884455f43daecd0a2c46772388417a00
[a8d3c90f]: https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61
+[7d60bf30]: https://github.com/lldpd/lldpd/commit/7d60bf30effc4c88f17f3d58ecaa72479f16d4be
{# Local Variables: #}
{# mode: markdown #}