Advisories ยป MGASA-2014-0109

Updated apache-commons-fileupload package fixes CVE-2014-0050

Publication date: 28 Feb 2014
Modification date: 28 Feb 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-0050

Description

Updated apache-commons-fileupload packages fix security vulnerability:

It was discovered that the Apache Commons FileUpload package for Java could
enter an infinite loop while processing a multipart request with a crafted
Content-Type, resulting in a denial-of-service condition (CVE-2014-0050).
                

References

SRPMS

4/core

3/core