Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in python-notebook
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in python-notebook
ID: FEDORA-2018-1fdcb294e3
Distribution: Fedora
Plattformen: Fedora 28
Datum: Fr, 30. März 2018, 21:55
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8768
Applikationen: python-notebook

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-1fdcb294e3
2018-03-30 12:38:03.488114
-------------------------------------------------------------------------------
-

Name : python-notebook
Product : Fedora 28
Version : 5.4.0
Release : 2.fc28
URL : http://jupyter.org
Summary : A web-based notebook environment for interactive computing
Description :
The Jupyter Notebook is a web application that allows you to create and
share documents that contain live code, equations, visualizations, and
explanatory text. The Notebook has support for multiple programming
languages, sharing, and interactive widgets.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2018-8768
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1558781 - CVE-2018-8768 python-notebook: Input sanitization bypass
allows for execution of JavaScript via crafted notebook file
https://bugzilla.redhat.com/show_bug.cgi?id=1558781
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade python-notebook' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Unterstützer werden
Neue Nachrichten
Werbung