MGASA-2018-0445

Source
https://advisories.mageia.org/MGASA-2018-0445.html
Import Source
https://advisories.mageia.org/MGASA-2018-0445.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2018-0445
Related
Published
2018-11-11T21:39:12Z
Modified
2018-11-11T21:14:38Z
Summary
Updated python-dulwich packages fix security vulnerability
Details

Dulwich, when an SSH subprocess is used, allowed remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname (CVE-2017-16228).

References
Credits

Affected packages

Mageia:6 / python-dulwich

Package

Name
python-dulwich
Purl
pkg:rpm/mageia/python-dulwich?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.12.0-1.2.mga6

Ecosystem specific

{
    "section": "core"
}