Advisories ยป MGASA-2017-0380

Updated db48 and db53 packages fix security vulnerability

Publication date: 19 Oct 2017
Modification date: 19 Oct 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-10140

Description

It was found that Berkeley DB reads the DB_CONFIG configuration file from the
current working directory by default. This happens when calling db_create()
with dbenv=NULL; or using the dbm_open() function (CVE-2017-10140).
                

References

SRPMS

5/core

6/core