Advisories ยป MGASA-2014-0323

Updated apache-mod_wsgi package fixes security vulnerability

Publication date: 08 Aug 2014
Type: security
Affected Mageia releases : 3 , 4

Description

apache-mod_wsgi before 4.2.4 contained an off-by-one error in applying a
limit to the number of supplementary groups allowed for a daemon process
group. The result could be that if more groups than the operating system
allowed were specified to the option supplementary-groups, then memory
corruption or a process crash could occur.
                

References

SRPMS

4/core

3/core