Source: couchdb Version: 1.2.0-1 Severity: important Tags: security upstream
Hi, the following vulnerability was published for couchdb. Reporting this as well to the BTS. CVE-2014-2668[0]: | Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a | denial of service (CPU and memory consumption) via the count parameter | to /_uuids. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-2668 [1] http://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=commitdiff_plain;h=0fb5aa9e67bd291ca2638dba961f4ddd3f6ccb3e;hp=198bea3479dfecac13ab1a3e95f902b8eba02f7d Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
