Advisories ยป MGASA-2015-0156

Updated mono packages fix security vulnerabilities

Publication date: 15 Apr 2015
Modification date: 15 Apr 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-2318 , CVE-2015-2319 , CVE-2015-2320

Description

A TLS impersonation attack was discovered in Mono's TLS stack by researchers
at Inria (CVE-2015-2318). During checks on the TLS stack, they have discovered
two further issues which have been fixed, a vulnerability to a protocol
downgrade attack (CVE-2015-2319) and SSLv2 support still being available
(CVE-2013-2320).
                

References

SRPMS

4/core