memcached-1.4.4-3.AXS4.1
エラータID: AXSA:2016-960:01
リリース日:
2016/11/28 Monday - 11:01
題名:
memcached-1.4.4-3.AXS4.1
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2016-8704, CVE-2016-8705 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-8704
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
CVE-2016-8705
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
追加情報:
N/A
ダウンロード:
SRPMS
- memcached-1.4.4-3.AXS4.1.src.rpm
MD5: 1b63a0edecfacc5ea348f5a1343ddbec
SHA-256: c455051e777622197fad2f4f7a28b96cb95989bae3cb191aa7ff1f2afd8d6fcd
Size: 300.46 kB
Asianux Server 4 for x86
- memcached-1.4.4-3.AXS4.1.i686.rpm
MD5: db497cf9d8e733a57d890947f3c224b5
SHA-256: 328668c0ade1d42fcac7089f022a34b5f7e8dd25d8c2683da8279f3dec290a07
Size: 66.65 kB
Asianux Server 4 for x86_64
- memcached-1.4.4-3.AXS4.1.x86_64.rpm
MD5: 6f15bde4b48e221f38fad65e9a8c3c53
SHA-256: 5fa114053646f5edb014388bea3ee1ae6a8505ddce88925f29d733f287e91224
Size: 67.28 kB