Advisories ยป MGASA-2014-0437

Updated konversation package fixes security vulnerability

Publication date: 29 Oct 2014
Modification date: 29 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-8483

Description

Due to and out-of-bounds read issue in Konversation in The ECB Blowfish
decryption function, a malicious client can cause either denial of service or
disclosure of information from process memory by using an improperly formed
message (CVE-2014-8483).
                

References

SRPMS

3/core

4/core