Описание
Security update for yast2-rmt
This update for yast2-rmt to 1.2.2 fixes the following issues:
Security issue fixed:
- CVE-2018-20105: Pass SSL password to Cheetah CLI interface securely (bsc#1119835)
Non-security issues fixed:
- Launch as root from gnome-shell menu (bsc#1123562)
- Remove broken hyperlink from help (bsc#1120672)
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15
yast2-rmt-1.2.2-3.18.1
Ссылки
- Link for SUSE-SU-2019:0629-1
- E-Mail link for SUSE-SU-2019:0629-1
- SUSE Security Ratings
- SUSE Bug 1119835
- SUSE Bug 1120672
- SUSE Bug 1123562
- SUSE CVE CVE-2018-20105 page
Описание
A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15:yast2-rmt-1.2.2-3.18.1
Ссылки
- CVE-2018-20105
- SUSE Bug 1119835