Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Debian 8: DLA-2120-1 Moderate: Rake OS Command Injection Fix

debian lts
Calendar Grey February 26, 2020
Dist Debian Esm H88
Package : rake Version : 10.3.2-2+deb8u1 CVE ID : CVE-2020-8130 There is an OS command injection vul
There is an OS command injection vulnerability in Rake (a ruby make-like utility) < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`

Summary

For Debian 8 "Jessie", this problem has been fixed in version
10.3.2-2+deb8u1.

We recommend that you upgrade your rake packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Package: rake
Version: 10.3.2-2+deb8u1
CVE ID: CVE-2020-8130

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here