Updated fcgi packages fix CVE-2012-6687Publication date: 03 May 2015
Affected Mageia releases : 4
Updated fcgi packages fix security vulnerability: FCGI does not perform range checks for file descriptors before use of the FD_SET macro. This FD_SET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening many socket connections to the host and crashing the service (CVE-2012-6687).