group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1833143] Re: CVE-2019-12816

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Brian Murray <1833143@xxxxxxxxxxxxxxxxxx>
Date: Fri, 26 Jul 2024 16:50:59 -0000
Reply-to: Bug 1833143 <1833143@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Ubuntu 18.10 (Cosmic Cuttlefish) has reached end of life, so this bug
will not be fixed for that specific release.

** Changed in: znc (Ubuntu Cosmic)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1833143

Title:
  CVE-2019-12816

Status in znc package in Ubuntu:
  Fix Released
Status in znc source package in Xenial:
  Confirmed
Status in znc source package in Bionic:
  Confirmed
Status in znc source package in Cosmic:
  Won't Fix
Status in znc source package in Disco:
  Won't Fix
Status in znc source package in Eoan:
  Fix Released

Bug description:
  CVE-2019-12816 addresses a remote code execution and privilege
  escalation vulnerability.  To trigger this, need to have a user
  already.

  Details on the exploit are not included here, however Upstream has a
  fix.

  Eoan has a fix in proposed (autosync).

  Note that this will require a No Changes Rebuild in Security for znc-backlog to go along with this, otherwise znc-backlog is not installable. 
   Unit193 uploaded a no change rebuild for znc-backlog in Eoan.  Disco is where this conflict will happen.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1833143/+subscriptions