exploitDog

SUSE-SU-2018:0072-1

Опубликовано: 12 янв. 2018

Источник: suse-cvrf

Описание

Security update for gwenhywfar

This update for gwenhywfar fixes the following issues:

Security issue fixed:

CVE-2015-7542: Make use of the system's default trusted CAs. Also remove the upstream provided ca-bundle.crt file and require ca-certificates so the /etc/ssl/certs directory is populated (bsc#958331).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

gwenhywfar-lang-4.9.0beta-3.3.1

gwenhywfar-tools-4.9.0beta-3.3.1

libgwengui-gtk2-0-4.9.0beta-3.3.1

libgwenhywfar60-4.9.0beta-3.3.1

libgwenhywfar60-plugins-4.9.0beta-3.3.1

SUSE Linux Enterprise Desktop 12 SP3

gwenhywfar-lang-4.9.0beta-3.3.1

gwenhywfar-tools-4.9.0beta-3.3.1

libgwengui-gtk2-0-4.9.0beta-3.3.1

libgwenhywfar60-4.9.0beta-3.3.1

libgwenhywfar60-plugins-4.9.0beta-3.3.1

SUSE Linux Enterprise Software Development Kit 12 SP2

gwenhywfar-devel-4.9.0beta-3.3.1

libgwengui-gtk2-0-4.9.0beta-3.3.1

libgwengui-qt4-0-4.9.0beta-3.3.1

libgwenhywfar60-4.9.0beta-3.3.1

SUSE Linux Enterprise Software Development Kit 12 SP3

gwenhywfar-devel-4.9.0beta-3.3.1

libgwengui-gtk2-0-4.9.0beta-3.3.1

libgwengui-qt4-0-4.9.0beta-3.3.1

libgwenhywfar60-4.9.0beta-3.3.1

SUSE Linux Enterprise Workstation Extension 12 SP2

gwenhywfar-lang-4.9.0beta-3.3.1

gwenhywfar-tools-4.9.0beta-3.3.1

libgwengui-gtk2-0-4.9.0beta-3.3.1

libgwenhywfar60-4.9.0beta-3.3.1

libgwenhywfar60-plugins-4.9.0beta-3.3.1

SUSE Linux Enterprise Workstation Extension 12 SP3

gwenhywfar-lang-4.9.0beta-3.3.1

gwenhywfar-tools-4.9.0beta-3.3.1

libgwengui-gtk2-0-4.9.0beta-3.3.1

libgwenhywfar60-4.9.0beta-3.3.1

libgwenhywfar60-plugins-4.9.0beta-3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20180072-1/
Link for SUSE-SU-2018:0072-1
https://lists.suse.com/pipermail/sle-security-updates/2018-January/003590.html
E-Mail link for SUSE-SU-2018:0072-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/958331
SUSE Bug 958331
https://www.suse.com/security/cve/CVE-2015-7542/
SUSE CVE CVE-2015-7542 page

Описание

A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:gwenhywfar-lang-4.9.0beta-3.3.1

SUSE Linux Enterprise Desktop 12 SP2:gwenhywfar-tools-4.9.0beta-3.3.1

SUSE Linux Enterprise Desktop 12 SP2:libgwengui-gtk2-0-4.9.0beta-3.3.1

SUSE Linux Enterprise Desktop 12 SP2:libgwenhywfar60-4.9.0beta-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-7542.html
CVE-2015-7542
https://bugzilla.suse.com/958331
SUSE Bug 958331