Updated mono packages fix security vulnerabilities
Publication date: 15 Apr 2015Modification date: 15 Apr 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-2318 , CVE-2015-2319 , CVE-2015-2320
Description
A TLS impersonation attack was discovered in Mono's TLS stack by researchers at Inria (CVE-2015-2318). During checks on the TLS stack, they have discovered two further issues which have been fixed, a vulnerability to a protocol downgrade attack (CVE-2015-2319) and SSLv2 support still being available (CVE-2013-2320).
References
SRPMS
4/core
- mono-3.2.3-5.2.mga4