Mandriva Linux Security Advisory : apache-commons-fileupload (MDVSA-2014:056)
Medium Nessus Plugin ID 73003
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated apache-commons-fileupload packages fix security vulnerability :
It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition (CVE-2014-0050).
Tomcat 7 includes an embedded copy of the Apache Commons FileUpload package, and was affected as well.
Additionally a build problem with maven was discovered, fixed maven packages is also being provided with this advisory.
SolutionUpdate the affected packages.