112
htmlunit vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

* Ubuntu 16.04 LTS

Summary

HtmlUnit could be made to crash or run programs as an
administrator if it opened a specially crafted file.

Software Description

* htmlunit - headless web browser written in Java

Details

It was discovered that HtmlUnit incorrectly initialized Rhino
engine. An Attacker could possibly use this issue to execute
arbitrary Java code.

Update instructions

The problem can be corrected by updating your system to the
following package versions:

Ubuntu 16.04 LTS
libhtmlunit-java - 2.8-1ubuntu2.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary
changes.

References

* CVE-2020-5529

--- Mystic BBS v1.12 A46 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)