Mageia 2020-0155: python-yaml security update

    Date 02 Apr 2020
    591
    Posted By LinuxSecurity Advisories
    Updated python-yaml packages fix security vulnerability: A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader.
    MGASA-2020-0155 - Updated python-yaml packages fix security vulnerability
    
    Publication date: 02 Apr 2020
    URL: https://advisories.mageia.org/MGASA-2020-0155.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2020-1747
    
    Updated python-yaml packages fix security vulnerability:
    
    A vulnerability was discovered in the PyYAML library, where it is
    susceptible to arbitrary code execution when it processes untrusted
    YAML files through the full_load method or with the FullLoader loader.
    Applications that use the library to process untrusted input may be
    vulnerable to this flaw. An attacker could use this flaw to execute
    arbitrary code on the system by abusing the python/object/new
    constructor (CVE-2020-1747).
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26405
    - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1747
    
    SRPMS:
    - 7/core/python-yaml-5.3.1-1.mga7
    

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"94","type":"x","order":"1","pct":79.66,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"18","type":"x","order":"2","pct":15.25,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"6","type":"x","order":"3","pct":5.08,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.