Mageia 6 MGASA-2019-0007 Critical: Units Remote Code Execution Risk
mageia
January 5, 2019
A flaw was found in units
Summary
A flaw was found in units. units_cur doesn't sanitize downloaded data. This allows a maliciously intended server to execute arbitrary code remotely on the client (rhbz#1598913). References:
References
- https://bugs.mageia.org/show_bug.cgi?id=23455
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NGM5T2F2STAUWF76LMEA7NCLE3STBAQI/
Topics Covered
Resolution
SRPMS
- 6/core/units-2.18-1.mga6
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 05 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0007.html
Type: security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!