From Mageia wiki
Jump to: navigation, search

MGASA-2012-0150

Date: July 10th, 2012
Affected releases: 1, 2


Description:
Updated links packages fix security vulnerability:

A security issue has been discovered in Links, which can be exploited
by malicious people to conduct spoofing attacks. The problem is that
the certificate presented by a server at the beginning of an SSL
session is not verified. This can be exploited to spoof valid servers
via a man-in-the-middle attack (SA33391).


Updated Packages:
Mageia 1:
links-2.2-10.1.mga1
links-common-2.2-10.1.mga1
links-graphic-2.2-10.1.mga1

Mageia 2:
links-2.6-1.1.mga2
links-common-2.6-1.1.mga2
links-graphic-2.6-1.1.mga2


References:
http://secunia.com/Advisories/33391/
https://bugs.mageia.org/show_bug.cgi?id=6593

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0150&oldid=9053"