Описание
Security update for PackageKit
This update for PackageKit fixes the following issue:
- CVE-2020-16121: Fixed an Information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal (bsc#1176930).
- Update summary and description of gstreamer-plugin and gtk3-module. (bsc#1104313)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
PackageKit-1.1.13-4.14.2
PackageKit-backend-zypp-1.1.13-4.14.2
PackageKit-devel-1.1.13-4.14.2
PackageKit-lang-1.1.13-4.14.2
libpackagekit-glib2-18-1.1.13-4.14.2
libpackagekit-glib2-devel-1.1.13-4.14.2
typelib-1_0-PackageKitGlib-1_0-1.1.13-4.14.2
SUSE Linux Enterprise Workstation Extension 15 SP2
PackageKit-gstreamer-plugin-1.1.13-4.14.2
PackageKit-gtk3-module-1.1.13-4.14.2
Ссылки
- Link for SUSE-SU-2020:3911-1
- E-Mail link for SUSE-SU-2020:3911-1
- SUSE Security Ratings
- SUSE Bug 1104313
- SUSE Bug 1176930
- SUSE CVE CVE-2020-16121 page
Описание
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:PackageKit-1.1.13-4.14.2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:PackageKit-backend-zypp-1.1.13-4.14.2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:PackageKit-devel-1.1.13-4.14.2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:PackageKit-lang-1.1.13-4.14.2
Ссылки
- CVE-2020-16121
- SUSE Bug 1176930