SUSE-SU-2022:0828-1

Опубликовано: 14 мар. 2022

Источник: suse-cvrf

Описание

Security update for glib2

This update for glib2 fixes the following issues:

CVE-2021-3800: Fixed a file content leak in pkexec due to charset aliases (bsc#1191489).

Список пакетов

Image SLES12-SP4-Azure-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP4-SAP-Azure-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-Basic-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-HPC-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-HPC-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-SAP-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-SAP-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-Azure-Standard-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-EC2-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-EC2-ECS-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-EC2-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-EC2-SAP-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-EC2-SAP-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-GCE-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-GCE-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-GCE-SAP-BYOS

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-GCE-SAP-On-Demand

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

SUSE Linux Enterprise Server 12 SP5

glib2-lang-2.48.2-12.25.1

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libgio-2_0-0-32bit-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libglib-2_0-0-32bit-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-32bit-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-32bit-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-32bit-2.48.2-12.25.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

glib2-lang-2.48.2-12.25.1

glib2-tools-2.48.2-12.25.1

libgio-2_0-0-2.48.2-12.25.1

libgio-2_0-0-32bit-2.48.2-12.25.1

libglib-2_0-0-2.48.2-12.25.1

libglib-2_0-0-32bit-2.48.2-12.25.1

libgmodule-2_0-0-2.48.2-12.25.1

libgmodule-2_0-0-32bit-2.48.2-12.25.1

libgobject-2_0-0-2.48.2-12.25.1

libgobject-2_0-0-32bit-2.48.2-12.25.1

libgthread-2_0-0-2.48.2-12.25.1

libgthread-2_0-0-32bit-2.48.2-12.25.1

SUSE Linux Enterprise Software Development Kit 12 SP5

glib2-devel-2.48.2-12.25.1

glib2-devel-static-2.48.2-12.25.1

libgio-fam-2.48.2-12.25.1

SUSE Linux Enterprise Workstation Extension 12 SP5

libgio-fam-2.48.2-12.25.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20220828-1/
Link for SUSE-SU-2022:0828-1
https://lists.suse.com/pipermail/sle-security-updates/2022-March/010435.html
E-Mail link for SUSE-SU-2022:0828-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1191489
SUSE Bug 1191489
https://www.suse.com/security/cve/CVE-2021-3800/
SUSE CVE CVE-2021-3800 page

Описание

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.

Затронутые продукты

Image SLES12-SP4-Azure-BYOS:glib2-tools-2.48.2-12.25.1

Image SLES12-SP4-Azure-BYOS:libgio-2_0-0-2.48.2-12.25.1

Image SLES12-SP4-Azure-BYOS:libglib-2_0-0-2.48.2-12.25.1

Image SLES12-SP4-Azure-BYOS:libgmodule-2_0-0-2.48.2-12.25.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3800.html
CVE-2021-3800
https://bugzilla.suse.com/1191489
SUSE Bug 1191489

SUSE-SU-2022:0828-1

Описание

Список пакетов

Image SLES12-SP4-Azure-BYOS

Image SLES12-SP4-SAP-Azure-BYOS

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

Image SLES12-SP5-Azure-BYOS

Image SLES12-SP5-Azure-Basic-On-Demand

Image SLES12-SP5-Azure-HPC-BYOS

Image SLES12-SP5-Azure-HPC-On-Demand

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-Azure-Standard-On-Demand

Image SLES12-SP5-EC2-BYOS

Image SLES12-SP5-EC2-ECS-On-Demand

Image SLES12-SP5-EC2-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-BYOS

Image SLES12-SP5-GCE-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE Linux Enterprise Workstation Extension 12 SP5

Ссылки

Уязвимость: CVE-2021-3800

Описание

Затронутые продукты

Ссылки