Updated cxxtols package fixes security issue
Publication date: 16 Feb 2014Modification date: 16 Feb 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2013-7298
Description
A flaw in cxxtools version 2.2 allows remote attackers to cause a denial of service (infinite recursion and crash) via an HTTP query that contains %% (double percent) characters (CVE-2013-7298). This update fixes the vulnerability.
References
SRPMS
4/core
- cxxtools-2.2-2.1.mga4