Debian-LTS has issued an advisory on September 18: http://lwn.net/Alerts/701123/ I'm not sure which versions are affected.
Done for mga5 and Cauldron!
Thanks David! Advisory: ======================== Updated zookeeper packages fix security vulnerability: Lyon Yang discovered that the C client shells cli_st and cli_mt of Apache Zookeeper were affected by a buffer overflow vulnerability associated with parsing of the input command when using the "cmd:" batch mode syntax. If the command string exceeds 1024 characters a buffer overflow will occur (CVE-2016-5017). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5017 http://lwn.net/Alerts/701123/ ======================== Updated packages in core/updates_testing: ======================== zookeeper-3.4.5-25.1.mga5 libzookeeper2-3.4.5-25.1.mga5 libzookeeper-devel-3.4.5-25.1.mga5 zookeeper-lib-doc-3.4.5-25.1.mga5 zookeeper-java-3.4.5-25.1.mga5 zookeeper-javadoc-3.4.5-25.1.mga5 python-ZooKeeper-3.4.5-25.1.mga5 zookeeper-server-3.4.5-25.1.mga5 from zookeeper-3.4.5-25.1.mga5.src.rpm
Version: Cauldron => 5Assignee: geiger.david68210 => qa-bugs
x86_64 test From Wikipedia: Zookeeper is essentially a distributed hierarchical key-value store, which is used to provide a distributed configuration service, synchronization service, and naming registry for large distributed systems. Which leaves me scratching my head. Installed the packages pre-update. Only one problem: installing zookeeper-server-3.4.5-25.mga5.noarch.rpm 1/1: zookeeper-server ############################################# Failed to open 'zookeeper.conf', ignoring: No such file or directory The package installed though. $ sudo systemctl start zookeeper-server Failed to start zookeeper-server.service: Unit zookeeper-server.service failed to load: No such file or directory. Ignored that and proceeded to install the updates. Note that two cli interfaces are provided and that the upstream reports recommend using the java one. This update concerns the C interface. The updates installed cleanly. This is about all we can do for this one unless there is somebody in QA who knows how to exercise zookeeper and the java cli. A tentative OK.
CC: (none) => tarazed25
Whiteboard: (none) => MGA5-64-OK
Keywords: (none) => validated_updateWhiteboard: MGA5-64-OK => MGA5-64-OK advisoryCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0328.html
Status: NEW => RESOLVEDResolution: (none) => FIXED