SUSE-SU-2018:0839-1

Details

This update for memcached fixes the following issues:

CVE-2017-9951: Fixed heap-based buffer over-read in try_read_command function which allowed remote attackers to cause a denial of service attack (bsc#1056865).

Affected Packages

memcached

SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server 12 SP3SUSE Linux Enterprise Server for Raspberry Pi 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP2SUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

1.4.39-4.3.1

memcached-devel

SUSE Linux Enterprise Software Development Kit 12 SP2

Fixed in:

1.4.39-4.3.1

References

REPORT

https://bugzilla.suse.com/1056865

WEB

https://www.suse.com/security/cve/CVE-2017-9951

ADVISORY

https://www.suse.com/support/update/announcement/2018/suse-su-20180839-1/