[SECURITY] [DLA 1329-1] memcached security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1329-1] memcached security update
From: Antoine Beaupré <anarcat@debian.org>
Date: Thu, 29 Mar 2018 17:48:25 -0400
Message-id: <[🔎] 20180329214825.dspxgundlzskvjnd@curie.anarc.at>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

Package        : memcached
Version        : 1.4.13-0.2+deb7u4
CVE ID         : CVE-2018-1000127
Debian Bug     : #894404

memcached version prior to 1.4.37 contains an Integer Overflow
vulnerability that can result in data corruption and deadlocks. This
attack is exploitable via network connectivity to the memcached
service.

For Debian 7 "Wheezy", these problems have been fixed in version
1.4.13-0.2+deb7u4.

We recommend that you upgrade your memcached packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: [SECURITY] [DLA 1326-1] php5 security update
Next by Date: [SECURITY] [DLA 1328-1] xerces-c security update
Previous by thread: [SECURITY] [DLA 1326-1] php5 security update
Next by thread: [SECURITY] [DLA 1328-1] xerces-c security update
Index(es):
- Date
- Thread