Ausführen beliebiger Kommandos in PyYAML
ID: | FEDORA-2020-40c35d7b37 |
Distribution: | Fedora |
Plattformen: | Fedora 30 |
Datum: | Fr, 27. März 2020, 11:56 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1747 |
Applikationen: | PyYAML |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-40c35d7b37 2020-03-27 10:40:40.187069 -------------------------------------------------------------------------------- Name : PyYAML Product : Fedora 30 Version : 5.3.1 Release : 1.fc30 URL : https://github.com/yaml/pyyaml Summary : YAML parser and emitter for Python Description : YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML supports standard YAML tags and provides Python-specific tags that allow to represent an arbitrary Python object. PyYAML is applicable for a broad range of tasks from complex configuration files to object serialization and persistence. -------------------------------------------------------------------------------- Update Information: * New upstream release 5.3.1 (rhbz#1814882) * Fixes CVE-2020-1747 (rhbz#1807367,1809011) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 19 2020 John Eckersberg |