Updated davfs2 packages fix CVE-2013-4362

2013-10-1121:35:44

Gentoo Foundation

advisories.mageia.org

0.0004 Low

EPSS

Percentile

12.7%

JSON

Updated davfs2 package fixes security vulnerability: Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while is setuid root. This might allow a privilege escalation. (CVE-2013-4362)

OSVersionArchitecturePackageVersionFilename
Mageia2noarchdavfs2< 1.4.6-1.1davfs2-1.4.6-1.1.mga2
Mageia3noarchdavfs2< 1.4.7-3.1davfs2-1.4.7-3.1.mga3

OS	Version	Architecture	Package	Version	Filename
Mageia	2	noarch	davfs2	< 1.4.6-1.1	davfs2-1.4.6-1.1.mga2
Mageia	3	noarch	davfs2	< 1.4.7-3.1	davfs2-1.4.7-3.1.mga3

References

www.debian.org/security/2013/dsa-2765

bugs.mageia.org/show_bug.cgi?id=11300

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for MGASA-2013-0304