CVE-2017-8829

Metadata

medium
6.8
lintian
CVE-2017-8829
cve.mitre.org, ubuntu.com, bugs.debian.org
2017-05-08
2017-06-16 19:23
CVE-2017-8829 lintian
2017-06-15 02:36
2017-06-06 17:03
2017-06-05 20:03
2017-05-16 15:03
2017-05-10 23:55
2017-05-09 03:03

Description

Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code execution by requesting a review of a source package with a crafted YAML file.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
devel lintian 2.5.50.4
upstream lintian 2.5.50.4
xenial lintian 2.5.43ubuntu0.1
yakkety lintian 2.5.48ubuntu0.1
zesty lintian 2.5.50.1ubuntu0.1

Unaffected

Release Package Reason
precise lintian not-affected
precise/esm lintian not-affected
trusty lintian not-affected
vivid/stable-phone-overlay lintian DNE
vivid/ubuntu-core lintian DNE