drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in nodejs-handlebars
Name: |
Ausführen beliebiger Kommandos in nodejs-handlebars |
|
ID: |
FEDORA-2015-8b6882339c |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 22 |
|
Datum: |
Di, 29. Dezember 2015, 13:52 |
|
Referenzen: |
https://bugzilla.redhat.com/show_bug.cgi?id=1291742 |
|
Applikationen: |
nodejs-handlebars |
|
Originalnachricht |
Name : nodejs-handlebars Product : Fedora 22 Version : 4.0.5 Release : 1.fc22 URL : http://handlebarsjs.com/ Summary : Mustache extension for Node.js Description : Handlebars.js is an extension to the Mustache templating language created by Chris Wanstrath. Handlebars.js and Mustache are both logicless templating languages that keep the view and the code separated like we all know they should be.
------------------------------------------------------------------------------- - Update Information:
Security fix for nodejs-handlebars: mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection ---- New upstream release. ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1291742 - mustache: handlebars: Quoteless Attributes in Templates can lead to Content Injection https://bugzilla.redhat.com/show_bug.cgi?id=1291742 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update nodejs-handlebars' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|