drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in ant
Name: |
Ausführen beliebiger Kommandos in ant |
|
ID: |
FEDORA-2018-4943b0505b |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 27 |
|
Datum: |
Do, 5. Juli 2018, 22:55 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10886 |
|
Applikationen: |
Apache Ant |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-4943b0505b 2018-07-05 15:16:30.995001 ------------------------------------------------------------------------------- -
Name : ant Product : Fedora 27 Version : 1.10.1 Release : 10.fc27 URL : http://ant.apache.org/ Summary : Java build tool Description : Apache Ant is a Java library and command-line tool whose mission is to drive processes described in build files as targets and extension points dependent upon each other. The main known usage of Ant is the build of Java applications. Ant supplies a number of built-in tasks allowing to compile, assemble, test and run Java applications. Ant can also be used effectively to build non Java applications, for instance C or C++ applications. More generally, Ant can be used to pilot any type of process which can be described in terms of targets and tasks.
------------------------------------------------------------------------------- - Update Information:
Backport fix for arbitrary file write vulnerability ------------------------------------------------------------------------------- - ChangeLog:
* Tue Jun 26 2018 Michael Simacek <msimacek@redhat.com> - 0:1.10.1-10 - Backport fix for arbitrary file write vulnerability - Resolves: rhbz#1584407 * Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0:1.10.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Mon Sep 4 2017 Michael Simacek <msimacek@redhat.com> - 0:1.10.1-8 - Fix directory ownership ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1584407 - CVE-2018-10886 ant: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file https://bugzilla.redhat.com/show_bug.cgi?id=1584407 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-4943b0505b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MJSDI2TW7X4FEWJFVX2EP73YOGW767GP/
|
|
|
|