SUSE-SU-2015:2054-1

Опубликовано: 20 нояб. 2015

Источник: suse-cvrf

Описание

Security update for xscreensaver

The xscreensaver package was updated to fix the following security and non security issues:

CVE-2015-8025: Fixed a crash when hot-swapping monitors while locked (bsc#952062).
Added xscreensaver-in_signal_handler_p.patch needed for fix of signal handling.
Refresh xscreensaver-stars.patch.

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Desktop 11 SP4

xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server 11 SP3

xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server 11 SP3-TERADATA

xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server 11 SP4

xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server for SAP Applications 11 SP3

xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

xscreensaver-5.07-6.36.1

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20152054-1/
Link for SUSE-SU-2015:2054-1
https://lists.suse.com/pipermail/sle-security-updates/2015-November/001686.html
E-Mail link for SUSE-SU-2015:2054-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/952062
SUSE Bug 952062
https://www.suse.com/security/cve/CVE-2015-8025/
SUSE CVE CVE-2015-8025 page

Описание

driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.

Затронутые продукты

SUSE Linux Enterprise Desktop 11 SP3:xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Desktop 11 SP4:xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server 11 SP3-TERADATA:xscreensaver-5.07-6.36.1

SUSE Linux Enterprise Server 11 SP3:xscreensaver-5.07-6.36.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8025.html
CVE-2015-8025
https://bugzilla.suse.com/952062
SUSE Bug 952062
https://bugzilla.suse.com/970335
SUSE Bug 970335

SUSE-SU-2015:2054-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

SUSE Linux Enterprise Desktop 11 SP4

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP3

SUSE Linux Enterprise Server for SAP Applications 11 SP4

Ссылки

Уязвимость: CVE-2015-8025

Описание

Затронутые продукты

Ссылки