You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa moin

Sigurnosni nedostaci programskog paketa moin

==========================================================================
Ubuntu Security Notice USN-4629-1
November 11, 2020

moin vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in MoinMoin.

Software Description:
– moin: Collaborative hypertext environment

Details:

Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-25074)

Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-15275)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
python-moinmoin 1.9.9-1ubuntu1.2

Ubuntu 16.04 LTS:
python-moinmoin 1.9.8-1ubuntu1.16.04.3

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4629-1
CVE-2020-15275, CVE-2020-25074

Package Information:
https://launchpad.net/ubuntu/+source/moin/1.9.9-1ubuntu1.2
https://launchpad.net/ubuntu/+source/moin/1.9.8-1ubuntu1.16.04.3
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl+sAc8ACgkQRbznW4QL
H2lrohAAl2aXvLsFWywDUlB8aueku8ORG7Q2tum53SiWT76P4RZ5KmcQpZiGEU3/
uwhE6AiS0JN26TFvOX+iA3BlkAawmouOLKYzKlNG+SkCcVT6X/iNmDGIVAz6T/6C
Ryx+vy369MIJgNiTHJ00R2woQakU+UEvGSXvX3FygsRY1PsgDQXam48CF5wTrE4y
ml9XsEL1m0vwQwuuv8l7rk+E5mqfn6+d7+VoxDJ07gPhLVWYIRgjMX9qrRtKg7LE
Rvq/M+bo+XIw97Zf8JYbkLhth2ypllwRl20/H++UdBE9otxCZx0Qk45rRZFehW69
K4xlEaR3Ivlxz8vS+Uw6A49+ckpkT4ycheTL74rkEjwOGU0QMVH3dFEkMGxX8Z6h
fhlWLZar3gUSOq7Ifs8PLozCCcIfJYyNuBpHWq2uU5jy50cKGP/n4uDlGYBkif5m
4d1/71YNW7FkEg2pa7gmioOUgGKAFdPXqPp9iWxHWhUJc8yPkw2nkI4+6WOX76q4
LACDOoHhIvIQjcbk8IZfNp7VlZalA+AISFuHwgy9UCoX6Q32xlLBd90Smac6ZMeA
TMznDmk7G2L0fRqtFh6q64Y5mgPN3tCaYpUBRI4mrVUK3vdi2oWT6OxthbpLQM4Z
pUuF1YFcj00Oz6Ax2by7qNpMMpYrz0Yh51wLHbbSsSgEBv6n+wQ=
=VmJD
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa nodejs12

Otkriveni su sigurnosni nedostaci u programskom paketu nodejs12 za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja,...

Close