|
|
Log in / Subscribe / Register

Scientific Linux alert SLSA-2016:2820-1 (memcached)



From:
    	      Pat Riehecky <riehecky@fnal.gov> 


To:
    	      <scientific-linux-errata@listserv.fnal.gov> 


Subject:
    	      Security ERRATA Important: memcached on SL6.x i386/x86_64 


Date:
    	      Wed, 23 Nov 2016 14:48:28 +0000


Message-ID:
    	      <20161123144828.31596.93954@slpackages.fnal.gov>


Synopsis:          Important: memcached security update
Advisory ID:       SLSA-2016:2820-1
Issue Date:        2016-11-23
CVE Numbers:       CVE-2016-8704
                   CVE-2016-8705
--

Security Fix(es):

* Two integer overflow flaws, leading to heap-based buffer overflows, were
found in the memcached binary protocol. An attacker could create a
specially crafted message that would cause the memcached server to crash
or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)
--

SL6
  x86_64
    memcached-1.4.4-3.el6_8.1.x86_64.rpm
    memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm
    memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm
    memcached-devel-1.4.4-3.el6_8.1.i686.rpm
    memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm
  i386
    memcached-1.4.4-3.el6_8.1.i686.rpm
    memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm
    memcached-devel-1.4.4-3.el6_8.1.i686.rpm

- Scientific Linux Development Team
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds