Scientific Linux Security Update : patch on SL7.x x86_64
High Nessus Plugin ID 129577
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969)
- patch: OS shell command injection when processing crafted patch files (CVE-2019-13638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
SolutionUpdate the affected patch and / or patch-debuginfo packages.