安全公告详情

NS-SA-2025-0236

2025-11-18 16:49:52

简介

moderate: audit security update

严重级别

moderate

主题

An update for audit is now available for NewStart CGSL MAIN 6.06.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

audit:


Security Fix(es):
audit: Audit before 2.4.4 in Linux does not sanitize escape characters in filenames.(CVE-2015-5186)
audit: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.06.02B5.

影响组件

  • audit

影响产品

  • CGSL MAIN 6.06

更新包

{"fix":[{"product":"CGSL MAIN 6.06","pkgs":[{"binary":["python3-audit-3.0.7-2.zncgsl6.2.x86_64.rpm","audit-libs-3.0.7-2.zncgsl6.2.x86_64.rpm","audit-libs-devel-3.0.7-2.zncgsl6.2.x86_64.rpm","audit-3.0.7-2.zncgsl6.2.x86_64.rpm"],"source":"audit-3.0.7-2.zncgsl6.2.src.rpm"}]}]}

CVE

参考