Mageia Advisory: MGASA-2017-0095 - Updated deluge packages fix security vulnerability

Updated deluge packages fix security vulnerability

Publication date: 31 Mar 2017
Modification date: 31 Mar 2017
Type: security
Affected Mageia releases : 5

Description

Updated deluge package fixes a CSRF (Cross-site request forgery)
vulnerability using upstream patch. Cross-Site Request Forgery (CSRF) is
an attack that forces an end user to execute unwanted actions on a web
application in which they're currently authenticated. CSRF attacks
specifically target state-changing requests, not theft of data, since the
attacker has no way to see the response to the forged request.[*]

References

https://bugs.mageia.org/show_bug.cgi?id=20475
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
https://bugzilla.redhat.com/show_bug.cgi?id=1429449

SRPMS

5/core

deluge-1.3.11-1.1.mga5

Advisories » MGASA-2017-0095

Updated deluge packages fix security vulnerability

Description

References

SRPMS

5/core