Package: memcached Version: 1.2.8-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for memcached.
CVE-2009-2415[0]: | Ronald Volgers discovered that memcached, a high-performance memory object | caching system, is vulnerable to several heap-based buffer overflows due | to integer conversions when parsing certain length attributes. An | attacker can use this to execute arbitrary code on the system running | memcached (on etch with root privileges). If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://lists.debian.org/debian-security-announce/2009/msg00169.html http://security-tracker.debian.net/tracker/CVE-2009-2415 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgp9duGM21anb.pgp
Description: PGP signature
