Package "memcached"

  memcached (1.4.13-0ubuntu2.2) precise-security; urgency=medium

  * SECURITY UPDATE: multiple integer overflow vulnerabilities
    - debian/patches/CVE-2016-870x.patch: check nbytes and nkey in items.c,
      properly handle lengths in memcached.c.
    - CVE-2016-8704
    - CVE-2016-8705
    - CVE-2016-8706

 -- Marc Deslauriers <email address hidden> Wed, 02 Nov 2016 08:18:39 -0400

  memcached (1.4.13-0ubuntu2.1) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via large body length
    - debian/patches/CVE-2011-4971.patch: check length in memcached.c,
      added test to t/issue_192.t.
    - CVE-2011-4971
  * SECURITY UPDATE: denial of service when using -vv
    - debian/patches/CVE-2013-0179.patch: properly format key in items.c,
      memcached.c.
    - CVE-2013-0179
  * SECURITY UPDATE: SASL authentication bypass
    - debian/patches/CVE-2013-7239.patch: explicitly record sasl auth
      states in memcached.*, added test to t/binary-sasl.t.
    - CVE-2013-7239
 -- Marc Deslauriers <email address hidden> Tue, 07 Jan 2014 09:15:30 -0500