MGASA-2017-0140

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2017-0140.html
Import Source
https://advisories.mageia.org/MGASA-2017-0140.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2017-0140
Upstream
Published
2017-05-19T08:57:57Z
Modified
2026-04-16T06:25:30.614201006Z
Summary
Updated radicale package fixes security vulnerability
Details

Radicale before 1.1.2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method (CVE-2017-8342).

References
Credits

Affected packages

Mageia:5 / radicale

Package

Name
radicale
Purl
pkg:rpm/mageia/radicale?arch=source&distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.1-1.2.mga5

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2017-0140.json"