VDB

GCVE-110-MAGEIA-2014-442

GCVE-110-MAGEIA-2014-442
Advisory Published
Vulnetix · Advisory published November 12, 2014
The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle a HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the "http" apt method binary, or potentially to arbitrary code execution (CVE-2014-6273). Also fixed is parsing of Mageia package index "synthesis" files with lines longer than 64k characters. This is necessary for upgrading to the "cauldron" development distro that will become Mageia 5. Note however that upgrading from Mageia 3 to Mageia 5 will not be supported.

Affected Products

VendorProductVersionsPlatforms
Mageiaapt0 (affected), 0.5.15lorg3.94-11.2.mga4 (unaffected)
Mageiaapt0.5.15lorg3.94-9.2.mga3 (unaffected), 0 (affected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›