CESA-2017:2788 -- centos 7 augeasID: oval:org.secpod.oval:def:204561 | Date: (C)2017-09-27 (M)2022-10-10 |
Class: PATCH | Family: unix |
Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Security Fix: * A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. This issue was discovered by Han Han .