Fedora 27: 2018-8ff86925c3 Critical: Disable UDP Port for memcached

memcached is a high-performance, distributed memory object caching

system, generic in nature, but intended for use in speeding up dynamic

web applications by alleviating database load.

This is an update to the latest upstream release, which disables the UDP port by

default (CVE-2018-1000115).

* Thu Mar 29 2018 Miroslav Lichvar - 0:1.5.7-1

- update to 1.5.7

- use https URLs in spec

* Thu Mar 1 2018 Miroslav Lichvar - 0:1.5.6-1

- update to 1.5.6 (UDP port disabled by default)

- add gcc to build requirements

* Thu Feb 15 2018 Miroslav Lichvar - 0:1.5.5-2

- rebuild for new libevent

* Tue Feb 13 2018 Miroslav Lichvar - 0:1.5.5-1

- update to 1.5.5

* Thu Feb 8 2018 Fedora Release Engineering - 0:1.5.4-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Tue Jan 30 2018 Miroslav Lichvar - 0:1.5.4-2

- fix building with new gcc

- use macro for systemd scriptlet dependencies

* Thu Jan 4 2018 Miroslav Lichvar - 0:1.5.4-1

- update to 1.5.4

* Mon Nov 6 2017 Miroslav Lichvar - 0:1.5.3-1

- update to 1.5.3

- add build condition for seccomp support

* Mon Oct 2 2017 Miroslav Lichvar - 0:1.5.2-1

- update to 1.5.2

[ 1 ] Bug #1551182 - CVE-2018-1000115 memcached: UDP server support allows spoofed traffic amplification DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1551182

su -c 'dnf upgrade --advisory FEDORA-2018-8ff86925c3' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org