MGASA-2018-0445

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0445.html

Import Source

https://advisories.mageia.org/MGASA-2018-0445.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2018-0445

Related

CVE-2017-16228

Published

2018-11-11T21:39:12Z

Modified

2018-11-11T21:14:38Z

Summary

Updated python-dulwich packages fix security vulnerability

Details

Dulwich, when an SSH subprocess is used, allowed remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname (CVE-2017-16228).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / python-dulwich

Package

Name: python-dulwich
Purl: pkg:rpm/mageia/python-dulwich?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.12.0-1.2.mga6

Ecosystem specific

{
    "section": "core"
}