** Description changed:
CVE-2019-12816 addresses a remote code execution and privilege
escalation vulnerability. To trigger this, need to have a user already.
Details on the exploit are not included here, however Upstream has a
fix.
Eoan has a fix in proposed (autosync).
+
+ Note that this will require a No Changes Rebuild in Security for znc-backlog
to go along with this, otherwise znc-backlog is not installable.
+ Unit193 uploaded a no change rebuild for znc-backlog in Eoan. Disco is
where this conflict will happen.
** Also affects: znc (Ubuntu Eoan)
Importance: Undecided
Assignee: Thomas Ward (teward)
Status: Confirmed
** Also affects: znc (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: znc (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: znc (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: znc (Ubuntu Disco)
Importance: Undecided
Status: New
** Changed in: znc (Ubuntu Disco)
Status: New => Confirmed
** Changed in: znc (Ubuntu Cosmic)
Status: New => Confirmed
** Changed in: znc (Ubuntu Bionic)
Status: New => Confirmed
** Changed in: znc (Ubuntu Xenial)
Status: New => Confirmed
** Changed in: znc (Ubuntu Disco)
Assignee: (unassigned) => Thomas Ward (teward)
** Changed in: znc (Ubuntu Cosmic)
Assignee: (unassigned) => Thomas Ward (teward)
** Changed in: znc (Ubuntu Eoan)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1833143
Title:
CVE-2019-12816
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1833143/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs