Описание
Security update for virt-bootstrap
This update for virt-bootstrap fixes the following issues:
Security issue fixed:
- CVE-2019-13314: Allow providing the container's root password using a file (bsc#1140750).
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15 SP1
python3-virt-bootstrap-1.0.0-5.3.124
SUSE Linux Enterprise Module for Server Applications 15 SP2
python3-virt-bootstrap-1.0.0-5.3.124
Ссылки
- Link for SUSE-SU-2020:3045-1
- E-Mail link for SUSE-SU-2020:3045-1
- SUSE Security Ratings
- SUSE Bug 1140750
- SUSE CVE CVE-2019-13314 page
Описание
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP1:python3-virt-bootstrap-1.0.0-5.3.124
SUSE Linux Enterprise Module for Server Applications 15 SP2:python3-virt-bootstrap-1.0.0-5.3.124
Ссылки
- CVE-2019-13314
- SUSE Bug 1140750