You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke rdflib

Sigurnosni nedostatak programske biblioteke rdflib

==========================================================================
Ubuntu Security Notice USN-4535-1
September 23, 2020

rdflib vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

RDFLib could be made to made to execute arbitrary code if it were running
in a directory with a specially crafted file.

Software Description:
– rdflib: Pure Python package for working with RDF

Details:

Gabriel Corona discovered that RDFLib did not properly load modules on the
command-line. An attacker could possibly use this issue to cause RDFLib to
execute arbitrary code. (CVE-2019-7653)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
python-rdflib 4.1.2-3+deb8u1build0.16.04.1
python-rdflib-tools 4.1.2-3+deb8u1build0.16.04.1
python3-rdflib 4.1.2-3+deb8u1build0.16.04.1

After a standard system update you need to restart any applications that
make use of RDFLib to make all the necessary changes.

References:
https://usn.ubuntu.com/4535-1
CVE-2019-7653

Package Information:
https://launchpad.net/ubuntu/+source/rdflib/4.1.2-3+deb8u1build0.16.04.1

—–BEGIN PGP SIGNATURE—–

iQEzBAEBCAAdFiEElnO/d49FoUPK9fwytGdj0GOh2+wFAl9riNcACgkQtGdj0GOh
2+zsZQgA04f/ZBrjtYuTXDXp5ATcNLJVzxKdh+DSa4/fjhNCcHuaKEC6kjA9nv/f
V+VWmoi133+0u7n5WzKN4Yr3Q64xvVmhOwC+IqzJmvKN7U4vUUBvrY3lKN4Xqd7O
0mVYbdRiEINNtDss/tv84HZ/J97q1gCV1kZRpPTHD5rSYGbFYcTDrTz2sH5ZcMaF
mLkxNLlmNEX+/aFyChGIXujeyX5sJPiPqO8avckyX/RY4ohXTQJZppEB/+Q/uGog
aVxnUKnGXYaK5dOIMSJ04pEocjHR37h7oJPCTscnZOdirzFSHLis83eGafSGXmns
SfoNSc8hYTNLU4X46W+VWPeEwMPWvw==
=Py/0
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libproxy

Otkriven je sigurnosni nedostatak programske biblioteke libproxy za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close