drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in influxdb
Name: |
Mangelnde Rechteprüfung in influxdb |
|
ID: |
DSA-4823-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian buster |
|
Datum: |
Fr, 1. Januar 2021, 22:29 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20933 |
|
Applikationen: |
InfluxDB |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4823-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 01, 2021 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : influxdb CVE ID : CVE-2019-20933
It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in authentication bypass.
For the stable distribution (buster), this problem has been fixed in version 1.6.4-1+deb10u1.
We recommend that you upgrade your influxdb packages.
For the detailed security status of influxdb please refer to its security tracker page at: https://security-tracker.debian.org/tracker/influxdb
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl/vbN4ACgkQEMKTtsN8 TjaxRw//e2Garai/wwzfO25MIwHl7+/dmd/4cJXF1fOUA97gwvkK3qd1UIq4vb4g FBUQnhDtV3J94DVVK+EzZOnhtMNLoNES/RGrFpBCJZq0+UrtAEdEBXjo0xkipY+i OzwWIO6TEPebWQ0BYdS5hPVRTsbpvoVG1wP2X9/vPxCR6aNQJxllbnGfoFBU8XxS U9YSHJZJZTY71NyegdI3vUbIrRPlFvqxHNdGgKUwAxyIXpmJynIH8P//qgkCyuOG hQ+xV2jUU4azVqk+5YvSX6nQ9mlZWAxv9VWqzoy87X5ee4kBZDHboEkyBo6nrzCH TQeFJ8U3RDWJSXub4irS7Jrduq41tYSdDSSR89tjoTKnmSGpHLMr092L0z38a7i6 RqCN5TB9/xZoA1+01oIQ2s4SyweXwYuFZrJ+yKH/lH7hACpbxUWGbqCMgKrT0XXn /SXk3TD6qkkXV7dUJVy1SNSTJZ3RYN2tdeRFBy1ekmkAKy6gc0izMsiTvFZ4+2WU TkV7eYeH40r86Cvx3D2vmGLKxigGoNqzMtDVrqEQ2r4GWDgVIj4m6fMhHBLQHTY2 Qs088piCTYtATVcwOfc1QnpcDoB5glF2vBh9s5xbax0DgzN//VqBoezgzcuU2sxL w4rC2Qfby0lVde1x3pjrt3xvXiu71xmow5FYCCk6F5KGkG/zQUk= =nGsx -----END PGP SIGNATURE-----
|
|
|
|