Mailinglist Archive: opensuse-updates (46 mails)

< Previous Next >
openSUSE-SU-2014:0951-1: moderate: memcached: Update fixes fixe security issues
openSUSE Security Update: memcached: Update fixes fixe security issues

Announcement ID: openSUSE-SU-2014:0951-1
Rating: moderate
References: #798458 #817781 #857188 #858676 #858677
Cross-References: CVE-2011-4971 CVE-2013-0179 CVE-2013-7239
CVE-2013-7290 CVE-2013-7291
Affected Products:
openSUSE 11.4

An update that fixes 5 vulnerabilities is now available.


memcached was updated to version 1.4.20 to fix five security issues.

These security issues were fixed:

- DoS when printing out keys to be deleted in verbose mode
- Remote DoS (crash) via a request that triggers "unbounded key print"
- Remote DoS (segmentation fault) via a request to delete a key
- SASL authentication allows wrong credentials to access memcache
- Remote DoS (CVE-2011-4971)

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch 2014-

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 11.4 (i586 x86_64):



< Previous Next >
This Thread
  • No further messages