MGASA-2019-0327 - Updated libapreq2 packages fix security vulnerability Publication date: 14 Nov 2019 URL: https://advisories.mageia.org/MGASA-2019-0327.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-12412 Updated libapreq2 packages fix security vulnerability: Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested "multipart" body is processed (CVE-2019-12412). References: - https://bugs.mageia.org/show_bug.cgi?id=25638 - https://www.debian.org/security/2019/dsa-4541 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12412 SRPMS: - 7/core/libapreq2-2.130.0-28.1.mga7
Mageia 2019-0327: libapreq2 security update
Updated libapreq2 packages fix security vulnerability: Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested
