latest security vulnerbilities 09 April 2019, 12:29:34 https://resources.whitesourcesoftware.com/blog-whitesource/top-5-new-open-source-security-vulnerabilities-in-march-2019?utm_source=twitter&utm_medium=channel&utm_term=blog-whitesource/top-5-new-open-source-security-vulnerabilities-in-march-2019&utm_content=top5-vulnerabilities-marchpat-li libssh2 JS-YAML Linux kernel among others..
Re: latest security vulnerbilities Reply #1 – 09 April 2019, 16:10:37 The js-yaml version in the AUR is vulnerable:$ yay -Ss js-yamlaur/nodejs-js-yaml 3.10.0-1 (+1 0.00%) YAML 1.2 parser and writerhttps://aur.archlinux.org/packages/nodejs-js-yamlFirst Submitted: 2017-09-16 10:20Last Updated: 2017-09-16 10:21#3 JS-YAMLAffected versions: All versions prior to 3.13.0safer-eval is not a package unless it's there under a different name and the others are OK at their current versions. Last Edit: 09 April 2019, 16:18:45 by #######
Re: latest security vulnerbilities Reply #3 – 10 April 2019, 10:56:07 Quote from: mrbrklyn – on 10 April 2019, 04:04:25what is yaml?gnu-yamlGNU NOT UNIXYAML AINT MARKUP LANGUAGEUNIX NOT IBM X-operating-system
Re: latest security vulnerbilities Reply #4 – 15 April 2019, 02:28:35 It's been updated to a secure version:Package Details: nodejs-js-yaml 3.13.1-1If you git clone artix pkgbuild's there are yaml files in a hidden directory:openrc/.artixlinux/agent.yamlContents of this file:%YAML 1.2---label: masterMysterious secret yaml agents? What do they do?
Topic: latest security vulnerbilities (Read 1432 times)
previous topic - next topic
Topic: latest security vulnerbilities (Read 1432 times)
previous topic - next topic