Updated libapreq2 packages fix security vulnerability
Publication date: 14 Nov 2019Modification date: 14 Nov 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-12412
Description
Updated libapreq2 packages fix security vulnerability: Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested "multipart" body is processed (CVE-2019-12412).
References
SRPMS
7/core
- libapreq2-2.130.0-28.1.mga7