Ubuntu Security Notice USN-4595-1

Discussion in 'News Aggregator' started by Packet Storm, 22 Oct 2020.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 4595-1 - It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code.

    Continue reading...
     
    #1 Packet Storm, 22 Oct 2020
  2. mike dukes

    mike dukes Member

    Joined:
    20 Oct 2020
    Messages:
    20
    Likes Received:
    1
    A security issue affects these releases of Ubuntu and its derivatives:
    - Ubuntu 18.04 LTS
    Summary:
    Grunt could be made to run programs if it received specially crafted input.
    Software Description:
    - grunt: JavaScript task runner/build system/maintainer tool
    Details:
    It was discovered that Grunt did not properly load yaml files. An
    attacker could possibly use this to execute arbitrary code. (CVE-2020-7729)
    Update instructions:
    The problem can be corrected by updating your system to the following
    package versions:
    Ubuntu 18.04 LTS:
    grunt 1.0.1-8ubuntu0.1
    In general, a standard system update will make all the necessary changes.
    Hope this helps.
     
    #2 mike dukes, 23 Oct 2020
(You must log in or sign up to post here.)

Share This Page

Loading...