Updated db53 packages fix a security vulnerability
Publication date: 29 Jan 2021Modification date: 29 Jan 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-2708
Description
Vulnerability in the Data Store component of Oracle Berkeley DB. Easily
exploitable vulnerability allows low privileged attacker having Local Logon
privilege with logon to the infrastructure where Data Store executes to
compromise Data Store. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial DOS) of Data
Store (CVE-2019-2708).
References
- https://bugs.mageia.org/show_bug.cgi?id=27960
- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OQFKX6NKU2DCW5CTCHQSOJJDFVRVTPO6/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2708
SRPMS
7/core
- db53-5.3.28-17.1.mga7