Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2016:2820 - Security Advisory
Issued:
2016-11-23
Updated:
2016-11-23

RHSA-2016:2820 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: memcached security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for memcached is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.

Security Fix(es):

  • Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 1390510 - CVE-2016-8704 memcached: Server append/prepend remote code execution
  • BZ - 1390511 - CVE-2016-8705 memcached: Server update remote code execution

CVEs

  • CVE-2016-8704
  • CVE-2016-8705

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
x86_64
memcached-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 3f065adf2f19596092dbaaf2f8a764c5d0870c4afc85cb8766fd0234c0c78bbc
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c
memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 35be89cb34dff48dd77d62365869c0c341d312fb8ad9c33849f86803986c2c59
i386
memcached-1.4.4-3.el6_8.1.i686.rpm SHA-256: 6eb48e7ef95aa5d4361ef00dc62cc581eba9f460514b16f5d4ef838e0894675a
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
x86_64
memcached-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 3f065adf2f19596092dbaaf2f8a764c5d0870c4afc85cb8766fd0234c0c78bbc
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c
memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 35be89cb34dff48dd77d62365869c0c341d312fb8ad9c33849f86803986c2c59
i386
memcached-1.4.4-3.el6_8.1.i686.rpm SHA-256: 6eb48e7ef95aa5d4361ef00dc62cc581eba9f460514b16f5d4ef838e0894675a
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c

Red Hat Enterprise Linux Workstation 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
x86_64
memcached-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 3f065adf2f19596092dbaaf2f8a764c5d0870c4afc85cb8766fd0234c0c78bbc
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c
memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 35be89cb34dff48dd77d62365869c0c341d312fb8ad9c33849f86803986c2c59
i386
memcached-1.4.4-3.el6_8.1.i686.rpm SHA-256: 6eb48e7ef95aa5d4361ef00dc62cc581eba9f460514b16f5d4ef838e0894675a
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c

Red Hat Enterprise Linux Desktop 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
x86_64
memcached-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 3f065adf2f19596092dbaaf2f8a764c5d0870c4afc85cb8766fd0234c0c78bbc
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c
memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 35be89cb34dff48dd77d62365869c0c341d312fb8ad9c33849f86803986c2c59
i386
memcached-1.4.4-3.el6_8.1.i686.rpm SHA-256: 6eb48e7ef95aa5d4361ef00dc62cc581eba9f460514b16f5d4ef838e0894675a
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
s390x
memcached-1.4.4-3.el6_8.1.s390x.rpm SHA-256: f6b0c7445995acd2926186314c90de5c36399f1da0db5244cd92eb80383c17b8
memcached-debuginfo-1.4.4-3.el6_8.1.s390.rpm SHA-256: 74f401b58c769747841d8b15c9d1f7d91f74d1dad0210f6b5464505242b194bd
memcached-debuginfo-1.4.4-3.el6_8.1.s390x.rpm SHA-256: d4153d0f1ea9b13d2efc7d0c995ffd448b06d41a03162bea082cd48745e5696f
memcached-debuginfo-1.4.4-3.el6_8.1.s390x.rpm SHA-256: d4153d0f1ea9b13d2efc7d0c995ffd448b06d41a03162bea082cd48745e5696f
memcached-devel-1.4.4-3.el6_8.1.s390.rpm SHA-256: 43e94587dc41ed96980cc4ccdfc4e190c101016af9e32b8dedf46b6d6ba10596
memcached-devel-1.4.4-3.el6_8.1.s390x.rpm SHA-256: 090e982814cc66a2bab81d45d882e75ed82e56e882549ca862526c776188216e

Red Hat Enterprise Linux for Power, big endian 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
ppc64
memcached-1.4.4-3.el6_8.1.ppc64.rpm SHA-256: c7bf10db1e72d8e85b7fc55598a5ef42da1c85b479549771ce3836d5e3cfed64
memcached-debuginfo-1.4.4-3.el6_8.1.ppc.rpm SHA-256: 023a883cb0456ca03ea27216caba22ba85bbf468a6c3ff98512056074da53121
memcached-debuginfo-1.4.4-3.el6_8.1.ppc64.rpm SHA-256: 6cbd0f263b9994e5d0681514a972380e07c0463ac3f617fde5bd49e7d3670169
memcached-debuginfo-1.4.4-3.el6_8.1.ppc64.rpm SHA-256: 6cbd0f263b9994e5d0681514a972380e07c0463ac3f617fde5bd49e7d3670169
memcached-devel-1.4.4-3.el6_8.1.ppc.rpm SHA-256: ca3b58519c9e3a0af1ffef802280e301734160fce05e7e6ea6d7eb649578d5a1
memcached-devel-1.4.4-3.el6_8.1.ppc64.rpm SHA-256: 1ba5fbe366332c29456ab3b576e8852d06a656f046455566e036579fb2c8794e

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
x86_64
memcached-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 3f065adf2f19596092dbaaf2f8a764c5d0870c4afc85cb8766fd0234c0c78bbc
memcached-debuginfo-1.4.4-3.el6_8.1.i686.rpm SHA-256: efe00866ceaa19eb7a57bbc690fc496f3e2edfc6feb55a4402cefa9f86d10fb4
memcached-debuginfo-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 457bbf8d1e6c69a02e5f27febe2e8ed88ddf1ed72ccff391f331812f46a73f67
memcached-devel-1.4.4-3.el6_8.1.i686.rpm SHA-256: b770ca904ffc28707eb7d0d64e9591632cb521128fd17137c0cca7db92a0011c
memcached-devel-1.4.4-3.el6_8.1.x86_64.rpm SHA-256: 35be89cb34dff48dd77d62365869c0c341d312fb8ad9c33849f86803986c2c59

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
memcached-1.4.4-3.el6_8.1.src.rpm SHA-256: 72bfdc81f71f422cb9f33ff0ccdb11f3adb74380a3ff4bd56a613da99827f899
s390x
memcached-1.4.4-3.el6_8.1.s390x.rpm SHA-256: f6b0c7445995acd2926186314c90de5c36399f1da0db5244cd92eb80383c17b8
memcached-debuginfo-1.4.4-3.el6_8.1.s390.rpm SHA-256: 74f401b58c769747841d8b15c9d1f7d91f74d1dad0210f6b5464505242b194bd
memcached-debuginfo-1.4.4-3.el6_8.1.s390x.rpm SHA-256: d4153d0f1ea9b13d2efc7d0c995ffd448b06d41a03162bea082cd48745e5696f
memcached-debuginfo-1.4.4-3.el6_8.1.s390x.rpm SHA-256: d4153d0f1ea9b13d2efc7d0c995ffd448b06d41a03162bea082cd48745e5696f
memcached-devel-1.4.4-3.el6_8.1.s390.rpm SHA-256: 43e94587dc41ed96980cc4ccdfc4e190c101016af9e32b8dedf46b6d6ba10596
memcached-devel-1.4.4-3.el6_8.1.s390x.rpm SHA-256: 090e982814cc66a2bab81d45d882e75ed82e56e882549ca862526c776188216e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter