Описание
Security update for shotwell
This update for shotwell fixes the following issues:
Security issue fixed:
- CVE-2017-1000024: Use HTTPS encryption all over the publishing plugins (bsc#1054311).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
shotwell-0.22.0+git.20160103-15.6.1
shotwell-lang-0.22.0+git.20160103-15.6.1
SUSE Linux Enterprise Desktop 12 SP3
shotwell-0.22.0+git.20160103-15.6.1
shotwell-lang-0.22.0+git.20160103-15.6.1
SUSE Linux Enterprise Workstation Extension 12 SP2
shotwell-0.22.0+git.20160103-15.6.1
shotwell-lang-0.22.0+git.20160103-15.6.1
SUSE Linux Enterprise Workstation Extension 12 SP3
shotwell-0.22.0+git.20160103-15.6.1
shotwell-lang-0.22.0+git.20160103-15.6.1
Ссылки
- Link for SUSE-SU-2018:0637-1
- E-Mail link for SUSE-SU-2018:0637-1
- SUSE Security Ratings
- SUSE Bug 1054311
- SUSE CVE CVE-2017-1000024 page
Описание
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:shotwell-0.22.0+git.20160103-15.6.1
SUSE Linux Enterprise Desktop 12 SP2:shotwell-lang-0.22.0+git.20160103-15.6.1
SUSE Linux Enterprise Desktop 12 SP3:shotwell-0.22.0+git.20160103-15.6.1
SUSE Linux Enterprise Desktop 12 SP3:shotwell-lang-0.22.0+git.20160103-15.6.1
Ссылки
- CVE-2017-1000024
- SUSE Bug 1054311