Описание
Security update for rsyslog
This update for rsyslog fixes the following security issue:
- CVE-2015-3243: Prevent weak permissions for generated log files, which allowed local users to obtain sensitive information (bsc#935393).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
rsyslog-8.33.1-3.3.1
SUSE Linux Enterprise Module for Server Applications 15
rsyslog-module-gssapi-8.33.1-3.3.1
rsyslog-module-mysql-8.33.1-3.3.1
rsyslog-module-pgsql-8.33.1-3.3.1
rsyslog-module-relp-8.33.1-3.3.1
rsyslog-module-snmp-8.33.1-3.3.1
rsyslog-module-udpspoof-8.33.1-3.3.1
Ссылки
- Link for SUSE-SU-2018:1937-2
- E-Mail link for SUSE-SU-2018:1937-2
- SUSE Security Ratings
- SUSE Bug 935393
- SUSE CVE CVE-2015-3243 page
Описание
rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:rsyslog-8.33.1-3.3.1
SUSE Linux Enterprise Module for Server Applications 15:rsyslog-module-gssapi-8.33.1-3.3.1
SUSE Linux Enterprise Module for Server Applications 15:rsyslog-module-mysql-8.33.1-3.3.1
SUSE Linux Enterprise Module for Server Applications 15:rsyslog-module-pgsql-8.33.1-3.3.1
Ссылки
- CVE-2015-3243
- SUSE Bug 1098851
- SUSE Bug 1126233
- SUSE Bug 935393