6 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-15709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the...
USN-4457-1: Software Properties vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacke...
CVE-2020-15709
Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways...
CVE-2020-15709
CVE-2020-15709 affects add-apt-repository prior to versions 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1. The issue arises because the PPA description is printed to the terminal as-is, allowing PPA owners to inject ANSI terminal escapes that can modify terminal contents in uni...
CVE-2020-15709 add-apt-repository print ASNI terminal codes
Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways...
[SECURITY] [DLA 2339-1] software-properties security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2339-1 [email protected] https://www.debian.org/lts/security/ August 22, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...