[SECURITY] [DLA 430-1] libfcgi security update

2016-02-2510:23:27

lists.debian.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.027 Low

EPSS

Percentile

90.3%

JSON

Package : libfcgi
Version : 2.4.0-8+deb6u1
CVE ID : CVE-2012-6687
Debian Bug : 681591

It was discovered that there was a remote denial of service in
libfcgi, a library for implementing the FastCGI web server protocol.

For Debian 6 Squeeze, this issue has been fixed in libfcgi version
2.4.0-8+deb6u1.

Regards,

  ,&#x27;&#x27;`.
 : :&#x27;  :     Chris Lamb
 `. `&#x27;`      [email protected] / chris-lamb.co.uk
   `-

OSVersionArchitecturePackageVersionFilename
Debian6alllibfcgi-dev< 2.4.0-8+deb6u1libfcgi-dev_2.4.0-8+deb6u1_all.deb
Debian6alllibfcgi< 2.4.0-8+deb6u1libfcgi_2.4.0-8+deb6u1_all.deb
Debian6alllibfcgi0ldbl< 2.4.0-8+deb6u1libfcgi0ldbl_2.4.0-8+deb6u1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	6	all	libfcgi-dev	< 2.4.0-8+deb6u1	libfcgi-dev_2.4.0-8+deb6u1_all.deb
Debian	6	all	libfcgi	< 2.4.0-8+deb6u1	libfcgi_2.4.0-8+deb6u1_all.deb
Debian	6	all	libfcgi0ldbl	< 2.4.0-8+deb6u1	libfcgi0ldbl_2.4.0-8+deb6u1_all.deb