Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Debian 8 DLA-1404-1 Critical: Lava-Server File Access Concern

debian lts
Calendar Grey June 28, 2018
Dist Debian Esm H88
Enhance your lava-server to resolve significant file permission vulnerabilities in Debian LTS. Safeguard your system's integrity now!
CVE-2018-12564 Using the feature to add URLs in the submit page, a user might be able to read any file on the server that is readable by lavaserver

Summary


For Debian 8 "Jessie", these problems have been fixed in version
2014.09.1-1+deb8u1.

We recommend that you upgrade your lava-server packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
critical
Lowest
Low
Medium
High
Critical

Package: lava-server
Version: 2014.09.1-1+deb8u1
CVE ID: CVE-2018-12564

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here