Advisories » MGASA-2019-0319

Updated freetds packages fix security vulnerability

Publication date: 07 Nov 2019
Modification date: 07 Nov 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-13508

Description

Updated freetds packages fix security vulnerability:

Felix Wilhelm discovered that FreeTDS incorrectly handled certain types
after a protocol downgrade. A remote attacker could use this issue to
cause FreeTDS to crash, resulting in a denial of service, or possibly
execute arbitrary code (CVE-2019-13508).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25653
• https://usn.ubuntu.com/4173-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13508

SRPMS

7/core

• freetds-1.00.83-2.1.mga7