grunt vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

* Ubuntu 18.04 LTS

Summary

Grunt could be made to run programs if it received specially
crafted input.

Software Description

* grunt - JavaScript task runner/build system/maintainer tool

Details

It was discovered that Grunt did not properly load yaml files. An
attacker could possibly use this to execute arbitrary code.
(CVE-2020-7729)

Update instructions

The problem can be corrected by updating your system to the
following package versions:

Ubuntu 18.04 LTS
grunt - 1.0.1-8ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary
changes.

References

* CVE-2020-7729

--- Mystic BBS v1.12 A46 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)