| Revision Date: | 2018-03-22 | Version: | 1 |
| Title: | Security update for memcached (Important) |
| Description: |
This update for memcached fixes the following issues:
Security issues fixed:
- CVE-2011-4971: remote DoS (bsc#817781). - CVE-2013-0179: DoS when printing out keys to be deleted in verbose mode (bsc#798458). - CVE-2013-7239: SASL authentication allows wrong credentials to access memcache (bsc#857188). - CVE-2013-7290: remote DoS (segmentation fault) via a request to delete a key (bsc#858677). - CVE-2013-7291: remote DoS (crash) via a request that triggers 'unbounded key print' (bsc#858676). - CVE-2016-8704: Server append/prepend remote code execution (bsc#1007871). - CVE-2016-8705: Server update remote code execution (bsc#1007870). - CVE-2016-8706: Server ASL authentication remote code execution (bsc#1007869). - CVE-2017-9951: Heap-based buffer over-read in try_read_command function (incomplete fix for CVE-2016-8705) (bsc#1056865).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1007869
1007870
1007871
1056865
798458
817781
857188
858676
858677
CVE-2011-4971
CVE-2013-0179
CVE-2013-7239
CVE-2013-7290
CVE-2013-7291
CVE-2016-8704
CVE-2016-8705
CVE-2016-8706
CVE-2017-9951
SUSE-SU-2018:0778-1
|
| Platform(s): | SUSE OpenStack Cloud 7
| Product(s): | |
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed AND memcached-1.4.39-3.3.2 is installed
|