/[advisories]/24579.adv
ViewVC logotype

Contents of /24579.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8518 - (show annotations) (download)
Sun May 12 08:59:36 2019 UTC (4 years, 10 months ago) by tmb
File size: 811 byte(s)
MGASA-2019-0157: cronie-1.5.4-1.mga6
1 type: security
2 subject: Updated cronie packages fix security vulnerabilities
3 CVE:
4 - CVE-2019-9704
5 - CVE-2019-9705
6 src:
7 6:
8 core:
9 - cronie-1.5.4-1.mga6
10 description: |
11 Updated cronie packages fix security vulnerabilities:
12
13 Cronie before 1.5.3 allows local users to cause a denial of service
14 (daemon crash) via a large crontab file because the calloc return value
15 is not checked (CVE-2019-9704).
16
17 Cronie before 1.5.3 allows local users to cause a denial of service
18 (memory consumption) via a large crontab file because an unlimited number
19 of lines is accepted (CVE-2019-9705).
20 references:
21 - https://bugs.mageia.org/show_bug.cgi?id=24579
22 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/
23 ID: MGASA-2019-0157

  ViewVC Help
Powered by ViewVC 1.1.30