1.7.2-3 with the fix landed in release.
** Changed in: znc (Ubuntu Eoan)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1833143
Title:
CVE-2019-12816
Status in znc package in Ubuntu:
Fix Released
Status in znc source package in Xenial:
Confirmed
Status in znc source package in Bionic:
Confirmed
Status in znc source package in Cosmic:
Confirmed
Status in znc source package in Disco:
Confirmed
Status in znc source package in Eoan:
Fix Released
Bug description:
CVE-2019-12816 addresses a remote code execution and privilege
escalation vulnerability. To trigger this, need to have a user
already.
Details on the exploit are not included here, however Upstream has a
fix.
Eoan has a fix in proposed (autosync).
Note that this will require a No Changes Rebuild in Security for znc-backlog
to go along with this, otherwise znc-backlog is not installable.
Unit193 uploaded a no change rebuild for znc-backlog in Eoan. Disco is
where this conflict will happen.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1833143/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : [email protected]
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
