漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that lintian incorrectly handled deserializing certain YAML files.
漏洞危害
If a user or automated system were tricked into running lintian on a specially crafted package, a remote attacker could possibly use this issue to execute arbitrary code.
解决方案
Refer to Ubuntu advisory USN-3310-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3310-1: 16.04 (Xenial) on src (lintian)
0daybank
文章评论