Updated erlang packages fix security vulnerabilitiesPublication date: 26 Dec 2014
Affected Mageia releases : 4
Updated erlang packages fixes security vulnerability: An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP commands on a system that uses this module (CVE-2014-1693). This update also disables SSLv3 by default to mitigate the POODLE issue.