Updated apache-mod_wsgi package fixes security vulnerability
Publication date: 05 Dec 2014Modification date: 05 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8583
Description
It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode (CVE-2014-8583).
References
SRPMS
4/core
- apache-mod_wsgi-3.5-1.2.mga4