Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:3132-1

Опубликовано: 03 нояб. 2020
Источник: suse-cvrf

Описание

Security update for gnome-settings-daemon, gnome-shell

This update for gnome-settings-daemon, gnome-shell fixes the following issues:

gnome-settings-daemon:

  • Add support for recent UCM related changes in ALSA and PulseAudio. (jsc#SLE-16518)
  • Don't warn when a default source or sink is missing and the PulseAudio daemon is restarting. (jsc#SLE-16518)
  • Don't warn about starting/stopping services which don't exist. (bsc#1172760).

gnome-shell:

  • Add support for recent UCM related changes in ALSA and PulseAudio. (jsc#SLE-16518)
  • CVE-2020-17489: reset auth prompt on vt switch before fade in in loginDialog (bsc#1175155).

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP2
gnome-settings-daemon-3.34.2+0-4.3.1
gnome-settings-daemon-devel-3.34.2+0-4.3.1
gnome-settings-daemon-lang-3.34.2+0-4.3.1
gnome-shell-3.34.5-3.13.1
gnome-shell-devel-3.34.5-3.13.1
gnome-shell-lang-3.34.5-3.13.1
SUSE Linux Enterprise Workstation Extension 15 SP2
gnome-shell-calendar-3.34.5-3.13.1

Ссылки

Описание

An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)

Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gnome-settings-daemon-3.34.2+0-4.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gnome-settings-daemon-devel-3.34.2+0-4.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gnome-settings-daemon-lang-3.34.2+0-4.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gnome-shell-3.34.5-3.13.1
Ссылки