You are here
Home > Preporuke > Sigurnosni nedostatakl programske biblioteke python-mitogen

Sigurnosni nedostatakl programske biblioteke python-mitogen

——————————————————————————–
Fedora Update Notification
FEDORA-2019-b25dd670a4
2019-09-04 03:10:52.819337
——————————————————————————–

Name : python-mitogen
Product : Fedora 30
Version : 0.2.8
Release : 1.fc30
URL : https://github.com/dw/mitogen
Summary : Distributed self-replicating programs in Python
Description :
Mitogen is a Python library for writing distributed self-replicating programs.

There is no requirement for installing packages, copying files around, writing
shell snippets, upfront configuration, or providing any secondary link to a
remote machine aside from an SSH connection. Due to its origins for use in
managing potentially damaged infrastructure, the remote machine need not even
have free disk space or a writeable filesystem.

It is not intended as a generic RPC framework; the goal is to provide a robust
and efficient low-level API on which tools like Salt, Ansible, or Fabric can be
built, and while the API is quite friendly and comparable to Fabric, ultimately
it is not intended for direct use by consumer software.

The focus is to centralize and perfect the intricate dance required to run
Python code safely and efficiently on a remote machine, while avoiding
temporary files or large chunks of error-prone shell scripts, and supporting
common privilege escalation techniques like sudo, potentially in combination
with exotic connection methods such as WMI, telnet, or console-over-IPMI.

——————————————————————————–
Update Information:

Latest upstream 0.2.8
——————————————————————————–
References:

[ 1 ] Bug #1743124 – CVE-2019-15149 python-mitogen: mitogen: security bypass in core.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1743124
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-b25dd670a4’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2019-1f17485159
2019-09-04 04:05:05.596660
——————————————————————————–

Name : python-mitogen
Product : Fedora 29
Version : 0.2.8
Release : 1.fc29
URL : https://github.com/dw/mitogen
Summary : Distributed self-replicating programs in Python
Description :
Mitogen is a Python library for writing distributed self-replicating programs.

There is no requirement for installing packages, copying files around, writing
shell snippets, upfront configuration, or providing any secondary link to a
remote machine aside from an SSH connection. Due to its origins for use in
managing potentially damaged infrastructure, the remote machine need not even
have free disk space or a writeable filesystem.

It is not intended as a generic RPC framework; the goal is to provide a robust
and efficient low-level API on which tools like Salt, Ansible, or Fabric can be
built, and while the API is quite friendly and comparable to Fabric, ultimately
it is not intended for direct use by consumer software.

The focus is to centralize and perfect the intricate dance required to run
Python code safely and efficiently on a remote machine, while avoiding
temporary files or large chunks of error-prone shell scripts, and supporting
common privilege escalation techniques like sudo, potentially in combination
with exotic connection methods such as WMI, telnet, or console-over-IPMI.

——————————————————————————–
Update Information:

Latest upstream 0.2.8
——————————————————————————–
References:

[ 1 ] Bug #1743124 – CVE-2019-15149 python-mitogen: mitogen: security bypass in core.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1743124
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-1f17485159’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava RHEL. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog...

Close