SUSE-SU-2017:1335-1

Опубликовано: 18 мая 2017

Источник: suse-cvrf

Описание

Security update for kdelibs4

This update for kdelibs4 fixes the following issues:

CVE-2017-8422: This update fixes problem in the DBUS authentication of the kauth framework that could be used to escalate privileges depending on bugs or misimplemented dbus services. (boo#1036244)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

libkde4-4.12.0-10.1

libkde4-32bit-4.12.0-10.1

libkdecore4-4.12.0-10.1

libkdecore4-32bit-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

libksuseinstall1-32bit-4.12.0-10.1

SUSE Linux Enterprise Desktop 12 SP2

libkde4-4.12.0-10.1

libkde4-32bit-4.12.0-10.1

libkdecore4-4.12.0-10.1

libkdecore4-32bit-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

libksuseinstall1-32bit-4.12.0-10.1

SUSE Linux Enterprise Server 12 SP1

libkde4-4.12.0-10.1

libkde4-32bit-4.12.0-10.1

libkdecore4-4.12.0-10.1

libkdecore4-32bit-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

libksuseinstall1-32bit-4.12.0-10.1

SUSE Linux Enterprise Server 12 SP2

libkde4-4.12.0-10.1

libkde4-32bit-4.12.0-10.1

libkdecore4-4.12.0-10.1

libkdecore4-32bit-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

libksuseinstall1-32bit-4.12.0-10.1

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

libkde4-4.12.0-10.1

libkdecore4-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

libkde4-4.12.0-10.1

libkde4-32bit-4.12.0-10.1

libkdecore4-4.12.0-10.1

libkdecore4-32bit-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

libksuseinstall1-32bit-4.12.0-10.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libkde4-4.12.0-10.1

libkde4-32bit-4.12.0-10.1

libkdecore4-4.12.0-10.1

libkdecore4-32bit-4.12.0-10.1

libksuseinstall1-4.12.0-10.1

libksuseinstall1-32bit-4.12.0-10.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20171335-1/
Link for SUSE-SU-2017:1335-1
https://lists.suse.com/pipermail/sle-security-updates/2017-May/002894.html
E-Mail link for SUSE-SU-2017:1335-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1036244
SUSE Bug 1036244
https://www.suse.com/security/cve/CVE-2017-8422/
SUSE CVE CVE-2017-8422 page

Описание

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:libkde4-32bit-4.12.0-10.1

SUSE Linux Enterprise Desktop 12 SP1:libkde4-4.12.0-10.1

SUSE Linux Enterprise Desktop 12 SP1:libkdecore4-32bit-4.12.0-10.1

SUSE Linux Enterprise Desktop 12 SP1:libkdecore4-4.12.0-10.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-8422.html
CVE-2017-8422
https://bugzilla.suse.com/1033300
SUSE Bug 1033300
https://bugzilla.suse.com/1036244
SUSE Bug 1036244
https://bugzilla.suse.com/1041511
SUSE Bug 1041511
https://bugzilla.suse.com/749065
SUSE Bug 749065
https://bugzilla.suse.com/869959
SUSE Bug 869959

SUSE-SU-2017:1335-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

SUSE Linux Enterprise Desktop 12 SP2

SUSE Linux Enterprise Server 12 SP1

SUSE Linux Enterprise Server 12 SP2

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

Ссылки

Уязвимость: CVE-2017-8422

Описание

Затронутые продукты

Ссылки