[ MDVSA-2015:040 ] zarafa

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:040
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : zarafa
 Date    : February 10, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated zarafa packages fix security vulnerability:
 
 Robert Scheck discovered a flaw in Zarafa WebAccess >= 7.0.0 and
 Zarafa WebApp that could allow a remote unauthenticated attacker to
 exhaust the disk space of /tmp (CVE-2014-9465).
 
 This update also adds some patches from Robert Scheck which correct
 some packaging issues with zarafa-webaccess.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9465
 http://advisories.mageia.

Leave a Reply