This bug was fixed in the package software-properties - 0.96.24.32.14
---------------
software-properties (0.96.24.32.14) bionic-security; urgency=medium
* SECURITY UPDATE: malicious repo could send ANSI sequences to terminal
(LP: #1890286)
- add-apt-repository: strip ANSI sequences from the description.
- CVE-2020-15709
-- Marc Deslauriers <[email protected]> Fri, 07 Aug 2020
10:07:43 -0400
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1890286
Title:
ansi escape sequence injection in add-apt-repository
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1890286/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
