Advisories ยป MGASA-2020-0011

Updated cyrus-sasl packages fix security vulnerability

Publication date: 05 Jan 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-XXXX

Description

Updated cyrus-sasl packages fix security vulnerability:

Stephan Zeisberg reported an out-of-bounds write vulnerability in the
_sasl_add_string() function in cyrus-sasl2, a library implementing the
Simple Authentication and Security Layer. A remote attacker can take
advantage of this issue to cause denial-of-service conditions for
applications using the library (CVE-2019-19906).
                

References

SRPMS

7/core