A deficiency was found: [1] http://code.google.com/p/memcached/issues/detail?id=102 in the way memcached processed received TCP data. A remote attacker could use this flaw to cause denial of service (excessive use of memory, server hang or crash). Upstream patches: [3] http://github.com/memcached/memcached/commit/75cc83685e103bc8ba380a57468c8f04413033f9 [4] http://github.com/memcached/memcached/commit/d9cd01ede97f4145af9781d448c62a3318952719 References: [4] http://secunia.com/advisories/39306/
This issue affects the versions of memcached package, as shipped with Fedora release of 11. Please fix.
I'm a bit busy at the moment, I won't be able to spin off a 1.4.5 release for F-11 for a little while. That said this is a very minor issue as security issues go...
closed, 1.4.10 is latest release.