drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in devscripts
Name: |
Ausführen beliebiger Kommandos in devscripts |
|
ID: |
FEDORA-2014-13063 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Di, 28. Oktober 2014, 12:53 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1833 |
|
Applikationen: |
devscripts |
|
Originalnachricht |
Name : devscripts Product : Fedora 20 Version : 2.14.10 Release : 1.fc20 URL : https://packages.debian.org/sid/devscripts Summary : Scripts for Debian Package maintainers Description : Scripts to make the life of a Debian Package maintainer easier.
------------------------------------------------------------------------------- - Update Information:
Update to version 2.14.10, see http://metadata.ftp-master.debian.org/changelogsfor details. Update to version 2.14.9, see http://metadata.ftp-master.debian.org/changelogsfor details. Update to version 2.14.8, see http://metadata.ftp-master.debian.org/changelogsfor details. Fixes CVE-2014-1833. Update to version 2.14.9, see http://metadata.ftp-master.debian.org/changelogsfor details. Update to version 2.14.8, see http://metadata.ftp-master.debian.org/changelogsfor details. Fixes CVE-2014-1833. ------------------------------------------------------------------------------- - ChangeLog:
* Wed Oct 15 2014 Sandro Mani <manisandro@gmail.com> - 2.14.10-1 - Update to 2.14.10 * Mon Oct 13 2014 Sandro Mani <manisandro@gmail.com> - 2.14.9-1 - Update to 2.14.9 * Sat Oct 11 2014 Sandro Mani <manisandro@gmail.com> - 2.14.8-1 - Update to 2.14.8, fixes CVE-2014-1833 (#1059947) * Fri Sep 26 2014 Sandro Mani <manisandro@gmail.com> - 2.14.7-1 - Update to 2.14.7 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Mon Aug 11 2014 Sandro Mani <manisandro@gmail.com> - 2.14.6-2 - Remove /usr/bin/archpath from package (#1128503) * Wed Aug 6 2014 Sandro Mani <manisandro@gmail.com> - 2.14.6-1 - Update to 2.14.6 * Wed Jun 11 2014 Sandro Mani <manisandro@gmail.com> - 2.14.5-1 - Update to 2.14.5 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.14.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Mon Jun 2 2014 Sandro Mani <manisandro@gmail.com> - 2.14.4-1 - Update to 2.14.4 * Thu May 29 2014 Sandro Mani <manisandro@gmail.com> - 2.14.3-1 - Update to 2.14.3 * Wed May 28 2014 Kalev Lember <kalevlember@gmail.com> - 2.14.2-2 - Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 * Mon May 12 2014 Sandro Mani <manisandro@gmail.com> - 2.14.2-1 - Update to 2.14.2 * Thu Feb 27 2014 Sandro Mani <manisandro@gmail.com> - 2.14.1-2 - Require sensible-utils (rhbz#1067869) * Sun Jan 26 2014 Sandro Mani <manisandro@gmail.com> - 2.14.1-1 - Update to 2.14.1 * Wed Dec 25 2013 Sandro Mani <manisandro@gmail.com> - 2.13.9-1 - Update to 2.13.9 - Fixes CVE-2013-7085 (rhbz#1040949) * Wed Dec 11 2013 Sandro Mani <manisandro@gmail.com> - 2.13.8-1 - Update to 2.13.8 * Wed Dec 11 2013 Sandro Mani <manisandro@gmail.com> - 2.13.5-2 - Add upstream patch to fix arbitrary command execution when using USCAN_EXCLUSION (rhbz#1040266, debian#731849) * Thu Dec 5 2013 Sandro Mani <manisandro@gmail.com> - 2.13.5-1 - Update to 2.13.5 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1059947 - CVE-2014-1833 devscripts: directory traversal flaw in uupdate https://bugzilla.redhat.com/show_bug.cgi?id=1059947 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update devscripts' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|