Issued:: 2020-12-16
Updated:: 2020-12-16

RHSA-2020:5583 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: memcached security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for memcached is now available for Red Hat OpenStack Platform 13
(Queens).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

memcached is a high-performance, distributed memory object caching system,
generic in nature, but intended for use in speeding up dynamic web
applications
by alleviating database load.

Security Fix(es):

null-pointer dereference in "lru mode" and "lru temp_ttl" causing denial

of service (CVE-2019-11596)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

Solution

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenStack for IBM Power 13 ppc64le
Red Hat OpenStack 13 x86_64

Fixes

BZ - 1706001 - CVE-2019-11596 memcached: null-pointer dereference in "lru mode" and "lru temp_ttl" causing denial of service

CVEs

CVE-2019-11596

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack for IBM Power 13

SRPM
memcached-1.4.39-3.el7ost.src.rpm	SHA-256: 7e751e6f7ffa257aa73b1e7a34a20820072cb55fba50c6bb14e08c63fe4a03fc
ppc64le
memcached-1.4.39-3.el7ost.ppc64le.rpm	SHA-256: e373761dd7db40c9cba4edd95c2e84a14dc37a38e2e2111ee17ac7503d36e3db
memcached-debuginfo-1.4.39-3.el7ost.ppc64le.rpm	SHA-256: 81b1b5c4425f866a4cb3b6fbd705f1db63684d211b988e0183c2123d77a90a97

Red Hat OpenStack 13

SRPM
memcached-1.4.39-3.el7ost.src.rpm	SHA-256: 7e751e6f7ffa257aa73b1e7a34a20820072cb55fba50c6bb14e08c63fe4a03fc
x86_64
memcached-1.4.39-3.el7ost.x86_64.rpm	SHA-256: cedcc10c0fbbe28b9afb70378c6161c3d7a0d23b72662e1898afe580481d12df
memcached-debuginfo-1.4.39-3.el7ost.x86_64.rpm	SHA-256: cd8ddeeb6fa26d61aadd39382892ffad86ca5201bfaaa85a6aac76439e66637d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation