Information on source package memcached

Available versions

ReleaseVersion
wheezy1.4.13-0.2+deb7u1
wheezy (security)1.4.13-0.2+deb7u3
jessie (security)1.4.21-1.1+deb8u1
stretch1.4.33-1
buster1.4.33-1
sid1.4.33-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9951fixedvulnerablevulnerablevulnerablevulnerableThe try_read_command function in memcached.c in memcached before 1.4.39 ...

Resolved issues

BugDescription
CVE-2016-8706An integer overflow in process_bin_sasl_auth function in Memcached, ...
CVE-2016-8705Multiple integer overflows in process_bin_update function in ...
CVE-2016-8704An integer overflow in the process_bin_append_prepend function in ...
CVE-2013-7291memcached before 1.4.17, when running in verbose mode, allows remote ...
CVE-2013-7290The do_item_get function in items.c in memcached 1.4.4 and other ...
CVE-2013-7239memcached before 1.4.17 allows remote attackers to bypass ...
CVE-2013-0179The process_bin_delete function in memcached.c in memcached 1.4.4 and ...
CVE-2011-4971Multiple integer signedness errors in the (1) process_bin_sasl_auth, ...
CVE-2010-1152memcached.c in memcached before 1.4.3 allows remote attackers to cause ...
CVE-2009-2415Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote ...
CVE-2009-1494The process_stat function in Memcached 1.2.8 discloses ...
CVE-2009-1255The process_stat function in (1) Memcached before 1.2.8 and (2) ...

Security announcements

DSA / DLADescription
DLA-1033-1memcached - security update
DLA-701-1memcached - security update
DSA-3704-1memcached - security update
DSA-2832-1memcached - several
DSA-2832-1memcached - several
DSA-1853-1memcached - arbitrary code execution
DSA-1853-1memcached - arbitrary code execution

Search for package or bug name: Reporting problems