Описание
Security update for memcached
This update for memcached fixes the following security issues:
- CVE-2016-8704: Server append/prepend remote code execution (boo#1007871)
- CVE-2016-8705: Server update remote code execution (boo#1007870)
- CVE-2016-8706: Server ASL authentication remote code execution (boo#1007869)
In addition, memcached was updated to 1.4.33 to include all upstream improvements and bugfixes.
Список пакетов
openSUSE Leap 42.2
Ссылки
- E-Mail link for openSUSE-SU-2016:2839-1
- SUSE Security Ratings
Описание
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Затронутые продукты
Ссылки
- CVE-2016-8704
- SUSE Bug 1007719
- SUSE Bug 1007866
- SUSE Bug 1007871
Описание
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Затронутые продукты
Ссылки
- CVE-2016-8705
- SUSE Bug 1007866
- SUSE Bug 1007870
- SUSE Bug 1056865
Описание
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Затронутые продукты
Ссылки
- CVE-2016-8706
- SUSE Bug 1007866
- SUSE Bug 1007869