Lucene search

K
osvGoogleOSV:DSA-3013-1
HistoryAug 27, 2014 - 12:00 a.m.

s3ql - security update

2014-08-2700:00:00
Google
osv.dev
8

EPSS

0.037

Percentile

91.9%

Nikolaus Rath discovered that s3ql, a file system for online data
storage, used the pickle functionality of the Python programming
language in an unsafe way. As a result, a malicious storage backend
or man-in-the-middle attacker was able execute arbitrary code.

For the stable distribution (wheezy), this problem has been fixed in
version 1.11.1-3+deb7u1.

We recommend that you upgrade your s3ql packages.