drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen von Code mit höheren Privilegien in python-mitogen
| Name: |
Ausführen von Code mit höheren Privilegien in python-mitogen |
|
| ID: |
FEDORA-2019-1f17485159 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 29 |
|
| Datum: |
Mi, 4. September 2019, 07:13 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15149 |
|
| Applikationen: |
python-mitogen |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2019-1f17485159
2019-09-04 04:05:05.596660
-------------------------------------------------------------------------------
-
Name : python-mitogen
Product : Fedora 29
Version : 0.2.8
Release : 1.fc29
URL : https://github.com/dw/mitogen
Summary : Distributed self-replicating programs in Python
Description :
Mitogen is a Python library for writing distributed self-replicating programs.
There is no requirement for installing packages, copying files around, writing
shell snippets, upfront configuration, or providing any secondary link to a
remote machine aside from an SSH connection. Due to its origins for use in
managing potentially damaged infrastructure, the remote machine need not even
have free disk space or a writeable filesystem.
It is not intended as a generic RPC framework; the goal is to provide a robust
and efficient low-level API on which tools like Salt, Ansible, or Fabric can be
built, and while the API is quite friendly and comparable to Fabric, ultimately
it is not intended for direct use by consumer software.
The focus is to centralize and perfect the intricate dance required to run
Python code safely and efficiently on a remote machine, while avoiding
temporary files or large chunks of error-prone shell scripts, and supporting
common privilege escalation techniques like sudo, potentially in combination
with exotic connection methods such as WMI, telnet, or console-over-IPMI.
-------------------------------------------------------------------------------
-
Update Information:
Latest upstream 0.2.8
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1743124 - CVE-2019-15149 python-mitogen: mitogen: security bypass
in core.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1743124
-------------------------------------------------------------------------------
-
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-1f17485159' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
|
|
|
|
