User: Password:
|
|
Subscribe / Log in / New account

Mageia alert MGASA-2014-0244 (mono)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2014-0244: Updated mono packages fix security vulnerability
Date:  Thu, 29 May 2014 09:07:50 +0200
Message-ID:  <20140529070750.6A0905C7B3@valstar.mageia.org>

MGASA-2014-0244 - Updated mono packages fix security vulnerability Publication date: 29 May 2014 URL: http://advisories.mageia.org/MGASA-2014-0244.html Type: security Affected Mageia releases: 3 CVE: CVE-2012-3543 Description: Mono 2.10.9 does not properly randomize hash functions for form posts to protect against hash collision attacks. A remote attacker could send specially crafted parameters, possibly resulting in a Denial of Service condition (CVE-2012-3543). References: - https://bugs.mageia.org/show_bug.cgi?id=13413 - http://www.gentoo.org/security/en/glsa/glsa-201405-16.xml - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543 SRPMS: - 3/core/mono-2.10.9-4.1.mga3


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds