You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa Memcached

Sigurnosni nedostatak programskog paketa Memcached

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3963-1
May 01, 2019

memcached vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS

Summary:

Memcached could be made to crash if it received specially crafted network
traffic.

Software Description:
– memcached: high-performance memory object caching system

Details:

It was discovered that Memcached incorrectly handled certain lru command
messages. A remote attacker could possibly use this issue to cause
Memcached to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
memcached 1.5.10-0ubuntu1.19.04.1

Ubuntu 18.10:
memcached 1.5.10-0ubuntu1.18.10.1

Ubuntu 18.04 LTS:
memcached 1.5.6-0ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3963-1
CVE-2019-11596

Package Information:
https://launchpad.net/ubuntu/+source/memcached/1.5.10-0ubuntu1.19.04.1
https://launchpad.net/ubuntu/+source/memcached/1.5.10-0ubuntu1.18.10.1
https://launchpad.net/ubuntu/+source/memcached/1.5.6-0ubuntu1.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlzJomkACgkQZWnYVadE
vpNEvxAAgjwMBFVyLxSYlWwa3Jorpj6910KWdbCVpUrGn43FhTQZpQNVatKKAMXM
ev+7xXOtBrZmxtEqwPWMTVfaDpD06UhBnJQfIcRX6+zmjNqdMIw637MkFEMhc+YU
snzTkTQkH04TOnocXp7Wh7ILeAZy/eULCmH9ohdc2YhP9i+wdt6HAi0S6vxYUmZ+
u+AhlEadahdWRotCOd9SFUGHXeHSox7GgXnkd2r4rhu5hP5O7JmiP3uQO6SKTV3x
1dA/ywcvNPfRYhtGkCxkOABEZU+G6wHW2va2x8OLMz1zb/NtOk69vTUqQ0f9ubz+
U1nlrc+Tu0liBZCp2RDVEVMAGnyBreBEczoR92JX7YELw9gKWjL1JHCL8tNknAAt
I/CzWbwOArgS+/nkB1U2bMQNHWdxDRmt5EK6wY5rHAW3vqDqHfZ80vpJbRAk8Rui
tUo7hm4tozvA14tPHl+sNvvvF8TWzp1efd3TDFu7+RbbOAhp/KPpOYif+MS4fcKZ
lOeZFdYCbTiKVpWOXiZzrtlTwMcrBv++5GWj1MuBjvMMTHgojZsbXEcb4HheUpIO
8rj+VuFxcauTq9TEHRf8vpHdl2FbimZtf0RR+CMqSGoVyBEvQ+vrUmeO2kSwtD7U
a+a/Z/WqZaDV00Iubbw+GmhRxicQvCjUTtUSZWExBXUaxz3VNPY=
=mjkn
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-05-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libmediainfo

Otkriven je sigurnosni nedostatak programske biblioteke libmediainfo za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close