Copied from
ubuntu trusty in
Primary Archive for Ubuntu
Changelog
memcached (1.4.14-0ubuntu9) trusty; urgency=low
* SECURITY UPDATE: denial of service via large body length
- debian/patches/CVE-2011-4971.patch: check length in memcached.c,
added test to t/issue_192.t.
- CVE-2011-4971
* SECURITY UPDATE: denial of service when using -vv
- debian/patches/CVE-2013-0179.patch: properly format key in items.c,
memcached.c.
- CVE-2013-0179
* SECURITY UPDATE: SASL authentication bypass
- debian/patches/CVE-2013-7239.patch: explicitly record sasl auth
states in memcached.*, added test to t/binary-sasl.t.
- CVE-2013-7239
* debian/memcached.postinst: don't create home directory so we don't end
up with /nonexistent. Thanks to Dustin Lundquist for patch.
(LP: #1255328)
-- Marc Deslauriers <email address hidden> Mon, 13 Jan 2014 15:48:48 -0500