Mandriva Linux Security Advisory : zarafa (MDVSA-2015:040)
Medium Nessus Plugin ID 81281
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated zarafa packages fix security vulnerability :
Robert Scheck discovered a flaw in Zarafa WebAccess >= 7.0.0 and Zarafa WebApp that could allow a remote unauthenticated attacker to exhaust the disk space of /tmp (CVE-2014-9465).
This update also adds some patches from Robert Scheck which correct some packaging issues with zarafa-webaccess.
SolutionUpdate the affected packages.