Advisories ยป MGASA-2022-0111

Updated cyrus-sasl packages fix security vulnerability

Publication date: 23 Mar 2022
Modification date: 23 Mar 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-24407

Description

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not
escape the password for a SQL INSERT or UPDATE statement. (CVE-2022-24407)
                

References

SRPMS

8/core