Debian Security Advisory 5036-1

Debian Security Advisory 5036-1: Posted Jan 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5036-1 - It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2020-29050; SHA-256 | f6ca287511afa80a759cca94970f295545542cf2b9cd3186543025a1d1fa3633; Download | Favorite | View

Debian Security Advisory 5036-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5036-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 06, 2022                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : sphinxsearch
CVE ID         : CVE-2020-29050

It was discovered that sphinxsearch, a fast standalone full-text SQL
search engine, could allow arbitrary files to be read by abusing a
configuration option.

For the oldstable distribution (buster), this problem has been fixed
in version 2.2.11-2+deb10u1.

We recommend that you upgrade your sphinxsearch packages.

For the detailed security status of sphinxsearch please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/sphinxsearch

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmHXNlpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0SXNg//e9BBJyizvCyPwCutL0A7pHVzu7jxZOo3wuUc+e3EHy2gvQgDpVIXTOfR
tK7L898ydkqNy+Ds0mwHeArnOo+hhsR4/Xy+lkMSoslFpNcmWtxy7HHgluck2ppG
6fobzUx5xwjmBBYDSQMXr2GZnYWTY7rqIKMVB9bO+40mKiCC41+GzzAGZD0IDkzx
clcrS3c3wDVbrUYQf6rFPgOTd0epvd4vCC/2Fh7OorZSWGInlmhwBXDdBKVJKcMa
FxBhLHVN1lasY82YP3ZlNKhLOUW8ULhOtYcpQlI6Ggw6yXAkLh7kQGcLo41nNNd8
OeDaugNtR1CxpudbnKBdPUOf58Xv6YiwOnnF/fTYgWQbYNC8OWcXa/HFylgtiJSx
+wVnIcHEF3n9Zd3YHXmbOO916KeZvetWrNqDuYA7YxRcrLbi07k2hW7UeF7+GOzD
fuS6fhONWW/REpsoRb3KQq1QPdvU+iiDuasUMrL8myHfzPRUF/WUkSdNj/zW3w4U
CUyenZzySZTzZGrsO4xFM6YKI/ZMA+T7ytMQCVA2UWuUEgdvQ3N1R6iLUkHohni7
heWiYX3CPaC6rikjDpVi3FH6R/9kecqPM/NsD+bxdvnQfxJ6ZCZdt22+59ckSYmg
60aJNgFJLvBm14gf9Wer2elUHElt4qbBV+gIGrGxPFTKpoONKi8=
=eHD6
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 119 files
Ubuntu 103 files
Debian 15 files
Rafael Pedrero 11 files
Apple 9 files
Google Security Research 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files
Ivan Fratric 5 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,715)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,153)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,930)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,462)
UNIX (9,208)
UnixWare (185)
Windows (6,533)
Other

Debian Security Advisory 5036-1

Debian Security Advisory 5036-1

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5036-1

Share This

Debian Security Advisory 5036-1

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems