Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2019.0177
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2019-0177)
Zusammenfassung:	The remote host is missing an update for the 'python-jinja2' package(s) announced via the MGASA-2019-0177 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'python-jinja2' package(s) announced via the MGASA-2019-0177 advisory. Vulnerability Insight: Sandbox escape due to information disclosure via str.format (CVE-2016-10745). str.format_map allows sandbox escape (CVE-2019-10906). Affected Software/OS: 'python-jinja2' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10745 https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16 https://palletsprojects.com/blog/jinja-281-released/ RedHat Security Advisories: RHSA-2019:1022 https://access.redhat.com/errata/RHSA-2019:1022 RedHat Security Advisories: RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1237 RedHat Security Advisories: RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:1260 RedHat Security Advisories: RHSA-2019:3964 https://access.redhat.com/errata/RHSA-2019:3964 RedHat Security Advisories: RHSA-2019:4062 https://access.redhat.com/errata/RHSA-2019:4062 SuSE Security Announcement: openSUSE-SU-2019:1395 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html SuSE Security Announcement: openSUSE-SU-2019:1614 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://usn.ubuntu.com/4011-1/ https://usn.ubuntu.com/4011-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-10906 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TS7IVZAJBWOHNRDMFJDIZVFCMRP6YIUQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCDYIS254EJMBNWOG4S5QY6AOTOR4TZU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSW3QZMFVVR7YE3UT4YRQA272TYAL5AF/ https://palletsprojects.com/blog/jinja-2-10-1-released https://lists.apache.org/thread.html/f0c4a03418bcfe70c539c5dbaf99c04c98da13bfa1d3266f08564316@%3Ccommits.airflow.apache.org%3E https://lists.apache.org/thread.html/b2380d147b508bbcb90d2cad443c159e63e12555966ab4f320ee22da@%3Ccommits.airflow.apache.org%3E https://lists.apache.org/thread.html/57673a78c4d5c870d3f21465c7e2946b9f8285c7c57e54c2ae552f02@%3Ccommits.airflow.apache.org%3E https://lists.apache.org/thread.html/7f39f01392d320dfb48e4901db68daeece62fd60ef20955966739993@%3Ccommits.airflow.apache.org%3E https://lists.apache.org/thread.html/320441dccbd9a545320f5f07306d711d4bbd31ba43dc9eebcfc602df@%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/46c055e173b52d599c648a98199972dbd6a89d2b4c4647b0500f2284@%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f@%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac@%3Cdevnull.infra.apache.org%3E RedHat Security Advisories: RHSA-2019:1152 https://access.redhat.com/errata/RHSA-2019:1152 RedHat Security Advisories: RHSA-2019:1329 https://access.redhat.com/errata/RHSA-2019:1329
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.