memcached 1.4.13-0ubuntu2.1 source package in Ubuntu


memcached (1.4.13-0ubuntu2.1) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via large body length
    - debian/patches/CVE-2011-4971.patch: check length in memcached.c,
      added test to t/issue_192.t.
    - CVE-2011-4971
  * SECURITY UPDATE: denial of service when using -vv
    - debian/patches/CVE-2013-0179.patch: properly format key in items.c,
    - CVE-2013-0179
  * SECURITY UPDATE: SASL authentication bypass
    - debian/patches/CVE-2013-7239.patch: explicitly record sasl auth
      states in memcached.*, added test to t/binary-sasl.t.
    - CVE-2013-7239
 -- Marc Deslauriers <email address hidden>   Tue, 07 Jan 2014 09:15:30 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2014-01-07
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2014-01-13 main web
Precise security on 2014-01-13 main web


File Size MD5 Checksum
memcached_1.4.13.orig.tar.gz 313.2 KiB 6d18c6d25da945442fcc1187b3b63b7f
memcached_1.4.13-0ubuntu2.1.diff.gz 15.0 KiB 55c7e426308b9480f0e11f52195906d1
memcached_1.4.13-0ubuntu2.1.dsc 1.8 KiB 6843338e1e02e93720469441609624a6

View changes file

Binary packages built by this source

memcached: A high-performance memory object caching system

 Danga Interactive developed memcached to enhance the speed of,
 a site which was already doing 20 million+ dynamic page views per day for 1
 million users with a bunch of webservers and a bunch of database servers.
 memcached dropped the database load to almost nothing, yielding faster page
 load times for users, better resource utilization, and faster access to the
 databases on a memcache miss.
 memcached optimizes specific high-load serving applications that are designed
 to take advantage of its versatile no-locking memory access system. Clients
 are available in several different programming languages, to suit the needs
 of the specific application. Traditionally this has been used in mod_perl
 apps to avoid storing large chunks of data in Apache memory, and to share
 this burden across several machines.