Ubuntu Security Notice 4629-1 - Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files. An attacker could possibly use this issue to execute arbitrary code.
6a94bca2d157fa53ce20f3267659c1f8775fc53a3a5bb8aff7b365d10d7a1283=========================================================================
Ubuntu Security Notice USN-4629-1
November 11, 2020
moin vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in MoinMoin.
Software Description:
- moin: Collaborative hypertext environment
Details:
Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-25074)
Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-15275)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
python-moinmoin 1.9.9-1ubuntu1.2
Ubuntu 16.04 LTS:
python-moinmoin 1.9.8-1ubuntu1.16.04.3
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4629-1
CVE-2020-15275, CVE-2020-25074
Package Information:
https://launchpad.net/ubuntu/+source/moin/1.9.9-1ubuntu1.2
https://launchpad.net/ubuntu/+source/moin/1.9.8-1ubuntu1.16.04.3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed