Advisories » MGASA-2019-0237

Updated webmin packages fix security vulnerability

Publication date: 31 Aug 2019
Modification date: 31 Aug 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-15107

Description

Updated webmin package fixes security vulnerability:

Webmin before 1.930 allows remote exploits if the option to change expired
passwords is enabled (CVE-2019-15107).

Note that it is only vulnerable if changing of expired passwords is enabled,
which is not the case by default.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25331
• http://www.webmin.com/security.html
• http://www.webmin.com/changes.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15107

SRPMS

7/core

• webmin-1.930-1.mga7