MGASA-2020-0354 - Updated fossil package fixes security vulnerability Publication date: 30 Aug 2020 URL: https://advisories.mageia.org/MGASA-2020-0354.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-24614 Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository (CVE-2020-24614). The fossil package has been updated to version 2.10.2, containing fixes for this issue, fixes for other bugs and security issues, and additional enhancements. See the changes list for details. References: - https://bugs.mageia.org/show_bug.cgi?id=27153 - https://www.openwall.com/lists/oss-security/2020/08/25/1 - https://fossil-scm.org/fossil/doc/trunk/www/changes.wiki - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24614 SRPMS: - 7/core/fossil-2.10.2-1.mga7
Mageia 2020-0354: fossil security update
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code
Summary
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows
remote authenticated users to execute arbitrary code. An attacker must have
check-in privileges on the repository (CVE-2020-24614).
The fossil package has been updated to version 2.10.2, containing fixes for
this issue, fixes for other bugs and security issues, and additional
enhancements. See the changes list for details.
References
- https://bugs.mageia.org/show_bug.cgi?id=27153
- https://www.openwall.com/lists/oss-security/2020/08/25/1
- https://fossil-scm.org/fossil/doc/trunk/www/changes.wiki
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24614
Resolution
MGASA-2020-0354 - Updated fossil package fixes security vulnerability
SRPMS
- 7/core/fossil-2.10.2-1.mga7
Severity
Publication date: 30 Aug 2020
URL: https://advisories.mageia.org/MGASA-2020-0354.html
Type: security
CVE: CVE-2020-24614
News
HOWTOs
About Us
Powered By
