========================================================================== Ubuntu Security Notice USN-4123-1 September 05, 2019 npm/fstream vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS Summary: npm/fstream could be made to overwrite files. Software Description: - node-fstream: Advanced filesystem streaming tools for Node.js Details: It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write aritrary files to the filesystem. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: node-fstream 1.0.10-1ubuntu0.19.04.2 Ubuntu 18.04 LTS: node-fstream 1.0.10-1ubuntu0.18.04.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4123-1 CVE-2019-13173 Package Information: https://launchpad.net/ubuntu/+source/node-fstream/1.0.10-1ubuntu0.19.04.2 https://launchpad.net/ubuntu/+source/node-fstream/1.0.10-1ubuntu0.18.04.1