MGASA-2020-0016 Updated memcached packages fix security vulnerability

Updated memcached packages fix security vulnerability: memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conntostr in memcached.c. CVE-2019-15026 This update adds the ability to recover the cache from disk...

@forgerock/openam-agent-cache-memcached (=2.0.0), @mapbox/tilelive-memcached (=1.0.1) +74 more potentially affected by CVE-2018-3767 via memjs (>=0.10.2 <=0.9.1)

memjs NPM version =0.10.2, =1.0.0, =0.0.0, =0.12.1, =0.0.1, =0.8.0, =0.1.0, =1.1.0, =1.1.1 and more Source cves: CVE-2018-3767 Source advisory: OSV:GHSA-CX8M-8XMX-Q8V3...

MGASA-2018-0165 Updated memcached packages disable UDP by default

Updated memcached packages fix security vulnerabilities: Memcached enabled UDP by default, which could be exploited to denial of service via network flood CVE-2018-1000115. By default this UPD is now closed. With this release some overflow and deadlock situations get fixed too...

MGASA-2016-0381 Updated memcached packages fix security vulnerability

Aleksandar Nikolic discovered that Memcached incorrectly handled certain malformed commands. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2016-8704, CVE-2016-8705, CVE-2016-8706...