CVE-2019-18634, CVE-2020-7450

Started by mcc85s, February 02, 2020, 06:03:43 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 02, 2020, 06:03:43 PM
Reporting (2) CVE's after upgrading to [20.1]

***GOT REQUEST TO AUDIT SECURITY***
Fetching vuln.xml.bz2: .......... done
sudo-1.8.30 is vulnerable:
sudo -- Potential bypass of Runas user restrictions
CVE: CVE-2019-18634
WWW: https://vuxml.freebsd.org/freebsd/b4e5f782-442d-11ea-9ba9-206a8a720317.html

pkg-1.12.0 is vulnerable:
pkg -- vulnerability in libfetch
CVE: CVE-2020-7450
WWW: https://vuxml.freebsd.org/freebsd/2af10639-4299-11ea-aab1-98fa9bfec35a.html

2 problem(s) in 2 installed package(s) found.
***DONE***
February 02, 2020, 06:06:35 PM #1
...this info is for your personal use, not for posting here ;-)
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
February 02, 2020, 06:30:13 PM #2
Ok, what about for the developers?
February 02, 2020, 06:46:15 PM #3
They are also aware of this :)
February 02, 2020, 08:05:20 PM #4
Quote from: mcc85s on February 02, 2020, 06:30:13 PM
Ok, what about for the developers?

...they also know how to press a button in their software... :-)
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
Print
Go Up Pages1
User actions