Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in numpy
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in numpy
ID: FEDORA-2019-1dfe95a864
Distribution: Fedora
Plattformen: Fedora 30
Datum: So, 28. April 2019, 08:56
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6446
https://bugzilla.redhat.com/show_bug.cgi?id=1701803
Applikationen: Numpy

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2019-1dfe95a864
2019-04-27 21:22:10.074897
-------------------------------------------------------------------------------
-

Name : numpy
Product : Fedora 30
Version : 1.16.3
Release : 1.fc30
URL : http://www.numpy.org/
Summary : A fast multidimensional array facility for Python
Description :
NumPy is a general-purpose array-processing package designed to
efficiently manipulate large multi-dimensional arrays of arbitrary
records without sacrificing too much speed for small multi-dimensional
arrays. NumPy is built on the Numeric code base and adds features
introduced by numarray as well as an extended C-API and the ability to
create arrays of arbitrary type.

There are also basic facilities for discrete fourier transform,
basic linear algebra and random number generation. Also included in
this package is a version of f2py that works properly with NumPy.

-------------------------------------------------------------------------------
-
Update Information:

1.16.3, fix for CVE-2019-6446
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Apr 22 2019 Gwyn Ciesla <gwync@protonmail.com> - 1:1.16.3-1
- 1.16.3.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1667955 - CVE-2019-6446 numpy: crafted serialized object passed in
numpy.load() in pickle python module allows arbitrary code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667955
[ 2 ] Bug #1701803 - numpy-1.16.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1701803
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-1dfe95a864' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung