Mailinglist Archive: opensuse-updates (46 mails)

< Previous Next >
openSUSE-SU-2014:0867-1: moderate: memcached: Update fixes fixe security issues
openSUSE Security Update: memcached: Update fixes fixe security issues

Announcement ID: openSUSE-SU-2014:0867-1
Rating: moderate
References: #798458 #817781 #857188 #858676 #858677
Cross-References: CVE-2011-4971 CVE-2013-0179 CVE-2013-7239
CVE-2013-7290 CVE-2013-7291
Affected Products:
openSUSE 13.1
openSUSE 12.3

An update that fixes 5 vulnerabilities is now available.


memcached was updated to version 1.4.20 to fix five security issues.

These security issues were fixed:

- DoS when printing out keys to be deleted in verbose mode (CVE-2013-0179)
- Remote DoS (crash) via a request that triggers "unbounded key print"
- Remote DoS (segmentation fault) via a request to delete a key
- SASL authentication allows wrong credentials to access memcache
- Remote DoS (CVE-2011-4971)

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-454

- openSUSE 12.3:

zypper in -t patch openSUSE-2014-454

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.1 (i586 x86_64):


- openSUSE 12.3 (i586 x86_64):



< Previous Next >
This Thread
  • No further messages