tracker-miners-2.1.5-2.el8_9.1
エラータID: AXSA:2024-7359:01
Release date:
Thursday, January 11, 2024 - 04:59
Subject:
tracker-miners-2.1.5-2.el8_9.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
Tracker is a powerful desktop-neutral first class object database, tag/metadata
database and search tool. This package contains various miners and metadata
extractors for tracker.
Security Fix(es):
tracker-miners: sandbox escape (CVE-2023-5557)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2023-5557
Solution:
Update packages.
CVEs:
CVE-2023-5557
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.
Additional Info:
N/A
Download:
SRPMS
- tracker-miners-2.1.5-2.el8_9.1.src.rpm
MD5: dc396488382c955ea7474a9a14732ec5
SHA-256: eb815471abe0923784a59d9c3112e39a01d4bfbb341c3faaa4b5612ece20f808
Size: 3.34 MB
Asianux Server 8 for x86_64
- tracker-miners-2.1.5-2.el8_9.1.i686.rpm
MD5: a82bc79e64e88f4e292a4ddc627a3af6
SHA-256: 414339edd2ab70dc96ce093f2e338be859b2f3c39231acb4f0c47185c6869f4d
Size: 773.13 kB - tracker-miners-2.1.5-2.el8_9.1.x86_64.rpm
MD5: cef39029195f31d9931f5c3e14506092
SHA-256: c8f1a44fd356acea2e45a034539a002671b5a8b133420d129ab9a0e653b0eca6
Size: 750.70 kB