[Bug 1890286] Re: ansi escape sequence injection in add-apt-repository

Launchpad Bug Tracker Wed, 12 Aug 2020 06:56:43 -0700

This bug was fixed in the package software-properties - 0.98.9.2

---------------
software-properties (0.98.9.2) focal-security; urgency=medium


  * SECURITY UPDATE: malicious repo could send ANSI sequences to terminal
    (LP: #1890286)
    - add-apt-repository: strip ANSI sequences from the description.
    - CVE-2020-15709

 -- Marc Deslauriers <[email protected]>  Fri, 07 Aug 2020
09:15:34 -0400

** Changed in: software-properties (Ubuntu)
       Status: New => Fix Released

** Changed in: software-properties (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1890286

Title:
  ansi escape sequence injection in add-apt-repository

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1890286/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1890286] Re: ansi escape sequence injection in add-apt-repository

Reply via email to