Advisories ยป MGASA-2014-0203

Updated couchdb packages fix CVE-2014-2668

Publication date: 03 May 2014
Modification date: 03 May 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-2668

Description

Updated couchdb packages fix security vulnerability:

Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial
of service (CPU and memory consumption) via the count parameter to /_uuids
(CVE-2014-2668).
                

References

SRPMS

4/core

3/core