Описание
Security update for PackageKit
This update for PackageKit fixes the following issue:
- CVE-2020-16121: Fixed an Information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal (bsc#1176930).
- Notify service manager when it shutdown and cleanup temporary files when PackageKit quits. (bsc#1169739)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
PackageKit-1.1.10-12.10.1
PackageKit-backend-zypp-1.1.10-12.10.1
PackageKit-devel-1.1.10-12.10.1
PackageKit-lang-1.1.10-12.10.1
libpackagekit-glib2-18-1.1.10-12.10.1
libpackagekit-glib2-devel-1.1.10-12.10.1
typelib-1_0-PackageKitGlib-1_0-1.1.10-12.10.1
SUSE Linux Enterprise Workstation Extension 15 SP1
PackageKit-gstreamer-plugin-1.1.10-12.10.1
PackageKit-gtk3-module-1.1.10-12.10.1
Ссылки
- Link for SUSE-SU-2020:3845-1
- E-Mail link for SUSE-SU-2020:3845-1
- SUSE Security Ratings
- SUSE Bug 1169739
- SUSE Bug 1176930
- SUSE CVE CVE-2020-16121 page
Описание
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:PackageKit-1.1.10-12.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:PackageKit-backend-zypp-1.1.10-12.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:PackageKit-devel-1.1.10-12.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:PackageKit-lang-1.1.10-12.10.1
Ссылки
- CVE-2020-16121
- SUSE Bug 1176930