- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-4629-1
November 11, 2020
moin vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in MoinMoin.
Software Description:
– moin: Collaborative hypertext environment
Details:
Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-25074)
Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-15275)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
python-moinmoin 1.9.9-1ubuntu1.2
Ubuntu 16.04 LTS:
python-moinmoin 1.9.8-1ubuntu1.16.04.3
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4629-1
CVE-2020-15275, CVE-2020-25074
Package Information:
https://launchpad.net/ubuntu/+source/moin/1.9.9-1ubuntu1.2
https://launchpad.net/ubuntu/+source/moin/1.9.8-1ubuntu1.16.04.3
—–BEGIN PGP SIGNATURE—–
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl+sAc8ACgkQRbznW4QL
H2lrohAAl2aXvLsFWywDUlB8aueku8ORG7Q2tum53SiWT76P4RZ5KmcQpZiGEU3/
uwhE6AiS0JN26TFvOX+iA3BlkAawmouOLKYzKlNG+SkCcVT6X/iNmDGIVAz6T/6C
Ryx+vy369MIJgNiTHJ00R2woQakU+UEvGSXvX3FygsRY1PsgDQXam48CF5wTrE4y
ml9XsEL1m0vwQwuuv8l7rk+E5mqfn6+d7+VoxDJ07gPhLVWYIRgjMX9qrRtKg7LE
Rvq/M+bo+XIw97Zf8JYbkLhth2ypllwRl20/H++UdBE9otxCZx0Qk45rRZFehW69
K4xlEaR3Ivlxz8vS+Uw6A49+ckpkT4ycheTL74rkEjwOGU0QMVH3dFEkMGxX8Z6h
fhlWLZar3gUSOq7Ifs8PLozCCcIfJYyNuBpHWq2uU5jy50cKGP/n4uDlGYBkif5m
4d1/71YNW7FkEg2pa7gmioOUgGKAFdPXqPp9iWxHWhUJc8yPkw2nkI4+6WOX76q4
LACDOoHhIvIQjcbk8IZfNp7VlZalA+AISFuHwgy9UCoX6Q32xlLBd90Smac6ZMeA
TMznDmk7G2L0fRqtFh6q64Y5mgPN3tCaYpUBRI4mrVUK3vdi2oWT6OxthbpLQM4Z
pUuF1YFcj00Oz6Ax2by7qNpMMpYrz0Yh51wLHbbSsSgEBv6n+wQ=
=VmJD
—–END PGP SIGNATURE—–
—
| Autor | Dona Seruga |
| Cert id | NCERT-REF-2020-11-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
