ALT-PU-2016-3248-1
Package supervisor updated to version 3.3.1-alt1 for branch sisyphus in task 174007.
Closed vulnerabilities
Published: 2017-08-07
BDU:2017-02043
Vulnerability in the XML-RPC component of the Supervisor web server and the Fedora and Debian GNU/Linux operating systems, allowing an attacker to execute arbitrary commands
Severity: CRITICAL (9.0)
References:
Published: 2017-08-23
Modified: 2024-11-21
CVE-2017-11610
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.
Severity: HIGH (8.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- DSA-3942
- RHSA-2017:3005
- https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt
- https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt
- https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt
- https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt
- https://github.com/Supervisor/supervisor/issues/964
- FEDORA-2017-307eab89e1
- FEDORA-2017-85eb9f7a36
- FEDORA-2017-713430fb15
- GLSA-201709-06
- 42779