[Group.of.nepali.translators] [Bug 1833143] Re: CVE-2019-12816
** Changed in: znc (Ubuntu Disco) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1833143 Title: CVE-2019-12816 Status in znc package in Ubuntu: Fix Released Status in znc source package in Xenial: Confirmed Status in znc source package in Bionic: Confirmed Status in znc source package in Cosmic: Confirmed Status in znc source package in Disco: Won't Fix Status in znc source package in Eoan: Fix Released Bug description: CVE-2019-12816 addresses a remote code execution and privilege escalation vulnerability. To trigger this, need to have a user already. Details on the exploit are not included here, however Upstream has a fix. Eoan has a fix in proposed (autosync). Note that this will require a No Changes Rebuild in Security for znc-backlog to go along with this, otherwise znc-backlog is not installable. Unit193 uploaded a no change rebuild for znc-backlog in Eoan. Disco is where this conflict will happen. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1833143/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1833143] Re: CVE-2019-12816
1.7.2-3 with the fix landed in release. ** Changed in: znc (Ubuntu Eoan) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1833143 Title: CVE-2019-12816 Status in znc package in Ubuntu: Fix Released Status in znc source package in Xenial: Confirmed Status in znc source package in Bionic: Confirmed Status in znc source package in Cosmic: Confirmed Status in znc source package in Disco: Confirmed Status in znc source package in Eoan: Fix Released Bug description: CVE-2019-12816 addresses a remote code execution and privilege escalation vulnerability. To trigger this, need to have a user already. Details on the exploit are not included here, however Upstream has a fix. Eoan has a fix in proposed (autosync). Note that this will require a No Changes Rebuild in Security for znc-backlog to go along with this, otherwise znc-backlog is not installable. Unit193 uploaded a no change rebuild for znc-backlog in Eoan. Disco is where this conflict will happen. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1833143/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp