Advisories » MGASA-2018-0485

Updated netty & jctools packages fix security vulnerability

Publication date: 20 Dec 2018
Modification date: 20 Dec 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2016-4970

Description

handler/ssl/OpenSslEngine.java in Netty before 4.0.37.Final allows remote
attackers to cause a denial of service (infinite loop) (CVE-2016-4970).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23974
• https://nvd.nist.gov/vuln/detail/CVE-2016-4970
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4970

SRPMS

6/core

• netty-4.0.42-1.mga6
• jctools-1.2.1-1.mga6