Описание
Security update for gdm
This update for gdm fixes the following issues:
- Exit with failure if loading existing users fails (bsc#1178150 CVE-2020-16125).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
gdm-3.34.1-8.9.1
gdm-devel-3.34.1-8.9.1
gdm-lang-3.34.1-8.9.1
gdm-systemd-3.34.1-8.9.1
gdmflexiserver-3.34.1-8.9.1
libgdm1-3.34.1-8.9.1
typelib-1_0-Gdm-1_0-3.34.1-8.9.1
Ссылки
- Link for SUSE-SU-2020:3333-1
- E-Mail link for SUSE-SU-2020:3333-1
- SUSE Security Ratings
- SUSE Bug 1178150
- SUSE CVE CVE-2020-16125 page
Описание
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gdm-3.34.1-8.9.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gdm-devel-3.34.1-8.9.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gdm-lang-3.34.1-8.9.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:gdm-systemd-3.34.1-8.9.1
Ссылки
- CVE-2020-16125
- SUSE Bug 1140851
- SUSE Bug 1178150