Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in augeas
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in augeas
ID: FEDORA-2017-7dacb3c21c
Distribution: Fedora
Plattformen: Fedora 25
Datum: Do, 14. September 2017, 07:32
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7555
Applikationen: Augeas

Originalnachricht

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2017-7dacb3c21c
2017-09-13 19:51:51.197446
--------------------------------------------------------------------------------


Name : augeas
Product : Fedora 25
Version : 1.8.1
Release : 1.fc25
URL : http://augeas.net/
Summary : A library for changing configuration files
Description :
A library for programmatically editing configuration files. Augeas parses
configuration files into a tree structure, which it exposes through its
public API. Changes made through the API are written back to the initially
read files.

The transformation works very hard to preserve comments and formatting
details. It is controlled by ``lens'' definitions that describe the
file
format and the transformation into a tree.

--------------------------------------------------------------------------------

Update Information:

New upstream version 1.8.1. Fixes CVE-2017-7555 (RHBZ#1482340).
--------------------------------------------------------------------------------

References:

[ 1 ] Bug #1482340 - CVE-2017-7555 augeas: Improper handling of escaped
strings leading to memory corruption [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1482340
--------------------------------------------------------------------------------


This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade augeas' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung