Debian Security Advisory 3445-1

Debian Security Advisory 3445-1: Posted Jan 14, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3445-1 - Javantea discovered that pygments, a generic syntax highlighter, is prone to a shell injection vulnerability allowing a remote attacker to execute arbitrary code via shell metacharacters in a font name.; tags | advisory, remote, arbitrary, shell; systems | linux, debian; advisories | CVE-2015-8557; SHA-256 | be20283f27cd754080667c6aa5832f53b7aa71a80cf88dd6308d581511d9b578; Download | Favorite | View

Debian Security Advisory 3445-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3445-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 13, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pygments
CVE ID         : CVE-2015-8557
Debian Bug     : 802828

Javantea discovered that pygments, a generic syntax highlighter, is
prone to a shell injection vulnerability allowing a remote attacker to
execute arbitrary code via shell metacharacters in a font name.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1.5+dfsg-1+deb7u1.

For the stable distribution (jessie), this problem has been fixed in
version 2.0.1+dfsg-1.1+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 2.0.1+dfsg-2.

For the unstable distribution (sid), this problem has been fixed in
version 2.0.1+dfsg-2.

We recommend that you upgrade your pygments packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWlspWAAoJEAVMuPMTQ89EXQ8P/A+1hk6GVwctyMkYk2RtctVV
In2tcwA0DvobNr9NIYXdKICaZ5O2Cn30UItVprq/2s8TIKMimKaqZzf0UdWd+0yM
aclsQi9vKKELC/i37YhE7SA3HIPurrQY45HlqbLlMl2OdawuYeoB99S11HK6G5Ym
0f28wubG9idzqWPihhYZCJYIxxEW1YUwgyPhw0VBvSzZE4VOKPstWrmNV2SA7fBP
nigSxLvYfphP0vjObrtsSBotqbu7QkpCnSCV3qQbXn2MOaaqcXWwXvaYHxU9zyc+
NESVUD+p80uD3ZfSxWkjjujpT4TVcJ6ayjGVeQHOBE+/VAEZT8Ktsz4W5F8bwAOZ
87TKDrMN9LS7FDBBl3+LNdp9fhIAOvVZl60SnRIoR5Cb81szzxd+UBI5dcaDlrIu
nQGEfJLfhnu3bK4J9JQsaEDYpBgvldE9AAktgeWWb5ry3+FVaH9rgzFDk1ZWHGTN
6OXlBDHMxt5URlVLO1vyarUtVqO4hyOGJwXpQHVj+wnWPbmXkLitufvhVb3P0B+3
9LOoaAR32i3MxkT5B5z8bRIyfPqbLz1nP7kFDb6jwJe026nkNOmm5+Gu4XITqtrp
1UUyFh7CeuYpMkCE1MCb9PW/HqFJPl9AMmuX6LclI1rrS18FTd8dITvJF80Twkjq
Q99idgKlc5VF4NPjwaj/
=mGYo
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 3445-1

Debian Security Advisory 3445-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 3445-1

Share This

Debian Security Advisory 3445-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems