MGASA-2016-0013 Updated mono packages fix security vulnerability

It was found that float-parsing code used in Mono before 4.2 is derived from code vulnerable to CVE-2009-0689. The issue concerns the 'freelist' array, which is a global array of 16 pointers to 'Bigint'. This array is part of a memory allocation and reuse system which attempts to reduce the numbe...

MGASA-2015-0156 Updated mono packages fix security vulnerabilities

A TLS impersonation attack was discovered in Mono's TLS stack by researchers at Inria CVE-2015-2318. During checks on the TLS stack, they have discovered two further issues which have been fixed, a vulnerability to a protocol downgrade attack CVE-2015-2319 and SSLv2 support still being available...

MGASA-2014-0244 Updated mono packages fix security vulnerability

Mono 2.10.9 does not properly randomize hash functions for form posts to protect against hash collision attacks. A remote attacker could send specially crafted parameters, possibly resulting in a Denial of Service condition CVE-2012-3543...