Advisories » MGASA-2017-0140

Updated radicale package fixes security vulnerability

Publication date: 19 May 2017
Modification date: 19 May 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-8342

Description

Radicale before 1.1.2 is prone to timing oracles and simple brute-force
attacks when using the htpasswd authentication method (CVE-2017-8342).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=20759
• http://openwall.com/lists/oss-security/2017/04/30/5
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8342

SRPMS

5/core

• radicale-1.1.1-1.2.mga5