UbuntuUpdates.org

Package "memcached"

Name: memcached

Description:

High-performance in-memory object caching system

Latest version: 1.6.14-1ubuntu0.1
Release: jammy (22.04)
Level: security
Repository: main
Homepage: https://memcached.org/

Links


Download "memcached"


Other versions of "memcached" in Jammy

Repository Area Version
base main 1.6.14-1
updates main 1.6.14-1ubuntu0.1

Changelog

Version: 1.6.14-1ubuntu0.1 2023-11-13 17:07:00 UTC

  memcached (1.6.14-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: buffer overflow via multiget requests in proxy mode
    - debian/patches/CVE-2023-46852.patch: fix buffer overflow with
      multiget syntax in proto_proxy.c.
    - CVE-2023-46852
  * SECURITY UPDATE: off-by-one error via proxy requests in proxy mode
    - debian/patches/CVE-2023-46853.patch: fix off-by-one if \r is missing
      in proto_proxy.c, t/proxy.t.
    - CVE-2023-46853

 -- Marc Deslauriers <email address hidden> Wed, 01 Nov 2023 10:19:02 -0400

CVE-2023-46852 In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substr
CVE-2023-46853 In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.



About   -   Send Feedback to @ubuntu_updates