Advisories ยป MGASA-2020-0354

Updated fossil package fixes security vulnerability

Publication date: 30 Aug 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-24614


Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows
remote authenticated users to execute arbitrary code. An attacker must have
check-in privileges on the repository (CVE-2020-24614).

The fossil package has been updated to version 2.10.2, containing fixes for
this issue, fixes for other bugs and security issues, and additional
enhancements.  See the changes list for details.