AVG-1049 log

Package pacman
Status Fixed
Severity High
Type arbitrary command execution
Affected 5.1.3-1
Fixed 5.2.0-1
Current 7.0.0.r6.gc685ae6-1 [core]
Ticket None
Created Thu Oct 17 14:54:51 2019
Issue Severity Remote Type Description
CVE-2019-18183 High Yes Arbitrary command execution
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned...
CVE-2019-18182 High Yes Arbitrary command execution
pacman before 5.2 is vulnerable to arbitrary command injection in src/pacman/conf.c in the download_with_xfercommand() function. This can be exploited when...
Date Advisory Package Type
23 Oct 2019 ASA-201910-13 pacman arbitrary command execution