Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in devscripts
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in devscripts
ID: FEDORA-2013-23192
Distribution: Fedora
Plattformen: Fedora 20
Datum: So, 22. Dezember 2013, 20:19
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7050
Applikationen: devscripts

Originalnachricht

Name        : devscripts
Product : Fedora 20
Version : 2.13.5
Release : 2.fc20
URL : http://packages.debian.org/unstable/admin/devscripts
Summary : Scripts for Debian Package maintainers
Description :
Scripts to make the life of a Debian Package maintainer easier.

-------------------------------------------------------------------------------
-
Update Information:

Fix code execution flaw in uscan, CVE request: 4
Update to release 2.13.5, see http://ftp-master.metadata.debian.org/changelogsfor details.
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Dec 11 2013 Sandro Mani <manisandro@gmail.com> - 2.13.5-2
- Add upstream patch to fix arbitrary command execution when using
USCAN_EXCLUSION (rhbz#1040266, debian#731849)
* Thu Dec 5 2013 Sandro Mani <manisandro@gmail.com> - 2.13.5-1
- Update to 2.13.5
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1040266 - CVE-2013-7050 devscripts: code execution flaw in uscan
https://bugzilla.redhat.com/show_bug.cgi?id=1040266
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update devscripts' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung