Not a user yet?
Log in Register for free Suggest a product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

USN-6991-1: AIOHTTP vulnerability

Ubuntu DesktopUbuntu Desktop
Canonical
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

USN-6991-1: AIOHTTP vulnerability
5 September 2024

python-aiohttp would allow unintended access to files over the network.

Releases
Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM

Packages
python-aiohttp - http client/server for asyncio

Details
It was discovered that AIOHTTP did not properly restrict file access when
the ‘follow_symlinks’ option was set to True. A remote attacker could
possibly use this issue to access unauthorized files on the system.

Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04
python-aiohttp-doc - 3.9.1-1ubuntu0.1

More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Canonical Ubuntu Desktop updates

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad