Updated db53 packages fix a security vulnerability
Publication date: 29 Jan 2021Modification date: 29 Jan 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-2708
Description
Vulnerability in the Data Store component of Oracle Berkeley DB. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store (CVE-2019-2708).
References
- https://bugs.mageia.org/show_bug.cgi?id=27960
- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OQFKX6NKU2DCW5CTCHQSOJJDFVRVTPO6/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2708
SRPMS
7/core
- db53-5.3.28-17.1.mga7