Debian Security Advisory 5260-1

Debian Security Advisory 5260-1: Posted Oct 24, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5260-1 - Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, used exec() on input passed to the server component.; tags | advisory; systems | linux, debian; advisories | CVE-2022-42902; SHA-256 | 8d7af12785c3d0a89415518ecb456a32bb0666b172393a6eaaa1cb90b13d69d5; Download | Favorite | View

Debian Security Advisory 5260-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5260-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 23, 2022                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lava
CVE ID         : CVE-2022-42902
Debian Bug     : 1021737

Igor Ponomarev discovered that LAVA, a continuous integration system for
deploying operating systems onto physical and virtual hardware for
running tests, used exec() on input passed to the server component.

For the stable distribution (bullseye), this problem has been fixed in
version 2020.12-5+deb11u1.

We recommend that you upgrade your lava packages.

For the detailed security status of lava please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/lava

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNViSgACgkQEMKTtsN8
TjbTZQ/+PZMyV4LA6box8yB3VGBSBfh4NSDKqtc0YqmsBhMFbiXAtSqNfxr93GEI
d+e6cHdGJQn73g0gLj/N70922Qz7k+nC7+kjDBul19S84M2gp5O9OWaOgXwZVBS2
BFJQkdGz4yG1bp94GxX/S66q1podS+NWFP6M87OD3eB/XnBUIPYj9K+ItUiSwr3X
NiXvqF1ocItc4yGjtJDM8Dh7avYL0mVLJ+VEZV3x2JVGR2ytTDOQOT9MOiNl5aG+
PziP8nzxUN4XcS5vSjFQjCNrfEJ43vCR5n20KBFMgTA8NlRGqKhElHuel2MC2R4U
reOnw7l6/6b05aaUfXJhi94KZx8/4ZEniL7MF6WyGmCnXp2oRlEM07U+nefTOo2q
PbPfEm4fFYajFVSO7Spq4GbSYdDku1/83zoa1BFOw3UU2YQhYfNFhmcR6cLoqdVw
vjitSbIfysdtvWWXef0q1cdmI5M1GWfiuIOstUQsleOQCBDxqMyGtxoZzvwwDyAt
eZe8dV8iBwgDPYwuii40l0/0npSVEsmwMUCz6K6D0b0AxmGmAf487c64WErQhlRF
9dl/VYzwLtPJNweEUC3y3CwhrdFu1J3w/4Blj0+ynnMgqUENwMFvCTJlitbMy74o
DUY3qu3tGE52FGCODrct5ksPShI9KBAyE7DDlnsapJjV0yuvxZQ=
=b+Kz
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 343 files
Ubuntu 57 files
Gentoo 32 files
Debian 22 files
Apple 9 files
malvuln 6 files
Jann Horn 5 files
Google Security Research 5 files
nu11secur1ty 5 files
Adam Gowdiak 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,044)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,776)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,910)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,514)
UNIX (9,404)
UnixWare (187)
Windows (6,660)
Other

Debian Security Advisory 5260-1

Debian Security Advisory 5260-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5260-1

Share This

Debian Security Advisory 5260-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems