Advisories » MGASA-2013-0339

Updated memcached packages fix CVE-2011-4971

Publication date: 22 Nov 2013
Modification date: 22 Nov 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2011-4971

Description

Updated memcached packages fix security vulnerability:

Memcached is vulnerable to a denial of service as it can be made to crash when
it receives a specially crafted packet over the network (CVE-2011-4971).

The updated packages have been upgraded to the 1.4.15 version and patched to
resolve this flaw.
                

References

• http://www.openwall.com/lists/oss-security/2013/04/30/3
• https://bugzilla.redhat.com/show_bug.cgi?id=957964
• https://bugs.mageia.org/show_bug.cgi?id=9928
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971

SRPMS

2/core

• memcached-1.4.15-1.mga2

3/core

• memcached-1.4.15-1.mga3