CVE-2020-4042 and CVE-2020-11061
Closed this issue · 1 comments
westphaldp commented
Bareos has released new versions to patch authentication bypass and heap overflow issues. The barcus/bareos*
containers should be regenerated to incorporate the fixes.
GHSA-vqpj-2vhj-h752 / CVE-2020-4042: Authentication bypass in director when allowing client and director initiated connections (https://bugs.bareos.org/view.php?id=1250)
GHSA-mm45-cg35-54j4 / CVE-2020-11061: Heap overflow in director when running a verify job against a malicious filedaemon (https://bugs.bareos.org/view.php?id=1210)
barcus commented
Images have been regenerated. Thank you @westphaldp