{"id":"MGASA-2016-0026","summary":"Updated encfs packages fix security vulnerability","details":"A local attacker can utilize a possible buffer overflow in the encodeName\nmethod of StreamNameIO and BlockNameIO to execute arbitrary code or cause\na Denial of Service. Also multiple weak cryptographics practices have been\nfound in encfs (CVE-2014-3462)\n","modified":"2026-01-31T07:15:33.037866Z","published":"2016-01-20T17:53:26Z","related":["CVE-2014-3462"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0026.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17424"},{"type":"REPORT","url":"https://security.gentoo.org/glsa/201512-09"}],"affected":[{"package":{"name":"encfs","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/encfs?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.5-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0026.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}