unoconv-0.6-8.el7
エラータID: AXSA:2020-729:01
Release date:
Wednesday, October 14, 2020 - 14:44
Subject:
unoconv-0.6-8.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
document format that LibreOffice can import to any document format that
LibreOffice can export. It makes use of the LibreOffice's UNO bindings for
non-interactive conversion of documents.
Security Fix(es):
unoconv: mishandling of pathname leads to SSRF and local file inclusion
(CVE-2019-17400)
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
Solution:
Update packages.
CVEs:
CVE-2019-17400
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
Additional Info:
N/A
Download:
SRPMS
- unoconv-0.6-8.el7.src.rpm
MD5: d3d4357896af6b31bd015c5fa0de25f7
SHA-256: 249d760f1c6dc840572b327a22d07a87c7d70ef825251b603093d19f5d2f27f8
Size: 141.03 kB
Asianux Server 7 for x86_64
- unoconv-0.6-8.el7.noarch.rpm
MD5: cf00d8e1f19d1ae5e25d82cd08068c06
SHA-256: bdd3fac8f2bf19fa18aef221e0b48885e32c43b1552839a6df899ee69ed20d51
Size: 93.10 kB