openSUSE-SU-2021:0025-1

Опубликовано: 07 янв. 2021

Источник: suse-cvrf

Описание

Security update for kitty

This update for kitty fixes the following issue:

CVE-2020-35605: Fixed an RCE due to filenames containing special characters contained in error messages (boo#1180298).

Список пакетов

openSUSE Leap 15.2

kitty-0.16.0-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/23NJIZKNYFEV7VIUDT44MXRZWG23MTXX/
E-Mail link for openSUSE-SU-2021:0025-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1180298
SUSE Bug 1180298
https://www.suse.com/security/cve/CVE-2020-35605/
SUSE CVE CVE-2020-35605 page

Описание

The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message.

Затронутые продукты

openSUSE Leap 15.2:kitty-0.16.0-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-35605.html
CVE-2020-35605
https://bugzilla.suse.com/1180298
SUSE Bug 1180298

openSUSE-SU-2021:0025-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-35605

Описание

Затронутые продукты

Ссылки