Advisories » MGASA-2015-0375

Updated ganglia-web packages fix CVE-2015-6816

Publication date: 17 Sep 2015
Modification date: 17 Sep 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-6816

Description

An issue with the use of unserialize() in ganglia-web allows
authentication  to be bypassed (CVE-2015-6816).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16715
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6816
• http://openwall.com/lists/oss-security/2015/09/05/6
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6816

SRPMS

4/core

• ganglia-web-3.5.10-3.1.mga4

5/core

• ganglia-web-3.6.2-4.2.mga5