Advisories » MGASA-2014-0112

Updated zarafa packages fix security vulnerabilities

Publication date: 01 Mar 2014
Modification date: 01 Mar 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-0037 , CVE-2014-0079

Description

Robert Scheck discovered multiple vulnerabilities in Zarafa that could
allow a remote unauthenticated attacker to crash the zarafa-server
daemon, preventing access to any other legitimate Zarafa users
(CVE-2014-0037, CVE-2014-0079).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=12813
• https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128409.html
• http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014:044/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0037
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0079

SRPMS

3/core

• zarafa-7.1.8-1.1.mga3

4/core

• zarafa-7.1.8-1.1.mga4