4 matches found
Fedora 30 : pacman (2020-096fbcc91f)
Update to latest version. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
CVE-2019-18183
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the applydeltas function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted...
CVE-2019-18183
CVE-2019-18183 affects pacman and its libalpm/sync.c apply_deltas() in the delta processing path. The vulnerability exists when unsigned databases are used and the non-default delta feature is enabled, allowing an attacker-controlled crafted database and delta file to inject arbitrary commands. T...
[ASA-201910-13] pacman: arbitrary command execution
Arch Linux Security Advisory ASA-201910-13 ========================================== Severity: High Date : 2019-10-23 CVE-ID : CVE-2019-18182 CVE-2019-18183 Package : pacman Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-1049 Summary ======= The package...