Описание
Security update for libcgroup
This update for libcgroup fixes the following issues:
Security issue fixed:
- CVE-2018-14348: Fix daemon that creates /var/log/cgred with mode 0666 (bsc#1100365).
This updates also sets the permissions of already existing log files to proper values.
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
libcgroup1-0.41.rc1-10.9.1
SUSE Linux Enterprise Server 12 SP3
libcgroup-tools-0.41.rc1-10.9.1
libcgroup1-0.41.rc1-10.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libcgroup-tools-0.41.rc1-10.9.1
libcgroup1-0.41.rc1-10.9.1
SUSE Linux Enterprise Software Development Kit 12 SP3
libcgroup-devel-0.41.rc1-10.9.1
Ссылки
- Link for SUSE-SU-2018:2468-1
- E-Mail link for SUSE-SU-2018:2468-1
- SUSE Security Ratings
- SUSE Bug 1100365
- SUSE CVE CVE-2018-14348 page
Описание
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libcgroup1-0.41.rc1-10.9.1
SUSE Linux Enterprise Server 12 SP3:libcgroup-tools-0.41.rc1-10.9.1
SUSE Linux Enterprise Server 12 SP3:libcgroup1-0.41.rc1-10.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcgroup-tools-0.41.rc1-10.9.1
Ссылки
- CVE-2018-14348
- SUSE Bug 1100365