DLA 2120-1: rake security update

Debian 9924 Published 2020-02-27 07:05 by Philipp Esselbach

News

A rake security update has been released for Debian GNU/Linux 8 LTS to address an injection vulnerability in Rake.

Package : rake
Version : 10.3.2-2+deb8u1
CVE ID : CVE-2020-8130

There is an OS command injection vulnerability in Rake (a ruby make-like
utility) < 12.3.3 in Rake::FileList when supplying a filename that
begins with the pipe character `|`.

For Debian 8 "Jessie", this problem has been fixed in version
10.3.2-2+deb8u1.

We recommend that you upgrade your rake packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

CESA-2020:0574 Important CentOS 6 thunderbird Security Update

macOS Catalina 10.15.4 Beta 3 released

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...

Windows

Linux

macOS

Community