SUSE-SU-2019:1390-1

Опубликовано: 31 мая 2019

Источник: suse-cvrf

Описание

Security update for gnome-shell

This update for gnome-shell fixes the following issues:

Security issue fixed:

CVE-2019-3820: Fixed a partial lock screen bypass (bsc#1124493).

Fixed bugs:

Remove sessionList of endSessionDialog for security reasons (jsc#SLE-6660).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3

gnome-shell-3.20.4-77.23.1

gnome-shell-browser-plugin-3.20.4-77.23.1

gnome-shell-calendar-3.20.4-77.23.1

gnome-shell-lang-3.20.4-77.23.1

SUSE Linux Enterprise Desktop 12 SP4

gnome-shell-3.20.4-77.23.1

gnome-shell-browser-plugin-3.20.4-77.23.1

gnome-shell-calendar-3.20.4-77.23.1

gnome-shell-lang-3.20.4-77.23.1

SUSE Linux Enterprise Server 12 SP3

gnome-shell-3.20.4-77.23.1

gnome-shell-browser-plugin-3.20.4-77.23.1

gnome-shell-lang-3.20.4-77.23.1

SUSE Linux Enterprise Server 12 SP4

gnome-shell-3.20.4-77.23.1

gnome-shell-browser-plugin-3.20.4-77.23.1

gnome-shell-lang-3.20.4-77.23.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

gnome-shell-3.20.4-77.23.1

gnome-shell-browser-plugin-3.20.4-77.23.1

gnome-shell-lang-3.20.4-77.23.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

gnome-shell-3.20.4-77.23.1

gnome-shell-browser-plugin-3.20.4-77.23.1

gnome-shell-lang-3.20.4-77.23.1

SUSE Linux Enterprise Software Development Kit 12 SP3

gnome-shell-devel-3.20.4-77.23.1

SUSE Linux Enterprise Software Development Kit 12 SP4

gnome-shell-devel-3.20.4-77.23.1

SUSE Linux Enterprise Workstation Extension 12 SP3

gnome-shell-calendar-3.20.4-77.23.1

SUSE Linux Enterprise Workstation Extension 12 SP4

gnome-shell-calendar-3.20.4-77.23.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20191390-1/
Link for SUSE-SU-2019:1390-1
https://lists.suse.com/pipermail/sle-security-updates/2019-May/005523.html
E-Mail link for SUSE-SU-2019:1390-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1124493
SUSE Bug 1124493
https://www.suse.com/security/cve/CVE-2019-3820/
SUSE CVE CVE-2019-3820 page
https://bugzilla.suse.com/SLE-6660
SUSE Bug SLE-6660

Описание

It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP3:gnome-shell-3.20.4-77.23.1

SUSE Linux Enterprise Desktop 12 SP3:gnome-shell-browser-plugin-3.20.4-77.23.1

SUSE Linux Enterprise Desktop 12 SP3:gnome-shell-calendar-3.20.4-77.23.1

SUSE Linux Enterprise Desktop 12 SP3:gnome-shell-lang-3.20.4-77.23.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-3820.html
CVE-2019-3820
https://bugzilla.suse.com/1124493
SUSE Bug 1124493

SUSE-SU-2019:1390-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Desktop 12 SP4

SUSE Linux Enterprise Server 12 SP3

SUSE Linux Enterprise Server 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Software Development Kit 12 SP3

SUSE Linux Enterprise Software Development Kit 12 SP4

SUSE Linux Enterprise Workstation Extension 12 SP3

SUSE Linux Enterprise Workstation Extension 12 SP4

Ссылки

Уязвимость: CVE-2019-3820

Описание

Затронутые продукты

Ссылки