Updated python-nltk packages fix security vulnerability
Publication date: 05 Apr 2020Modification date: 05 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-14751
Description
Updated python-ntlk package fixes security vulnerability:
A vulnerability was found in NLTK Downloader before 3.4.5 is vulnerable
to a directory traversal, allowing attackers to write arbitrary files via
a ../ in an NLTK package (ZIP archive) that is mishandled during extraction
(CVE-2019-14751).
References
SRPMS
7/core
- python-nltk-3.4.5-1.1.mga7