SUSE-SU-2022:2641-1

Опубликовано: 03 авг. 2022

Источник: suse-cvrf

Описание

Security update for xscreensaver

This update for xscreensaver fixes the following issues:

CVE-2021-34557: Fixed potential crash and unlock while disconnecting video output with more than 10 monitors (bsc#1186918)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP3

xscreensaver-5.44-150000.5.6.1

xscreensaver-data-5.44-150000.5.6.1

xscreensaver-lang-5.44-150000.5.6.1

openSUSE Leap 15.3

xscreensaver-5.44-150000.5.6.1

xscreensaver-data-5.44-150000.5.6.1

xscreensaver-data-extra-5.44-150000.5.6.1

xscreensaver-lang-5.44-150000.5.6.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222641-1/
Link for SUSE-SU-2022:2641-1
https://lists.suse.com/pipermail/sle-security-updates/2022-August/011753.html
E-Mail link for SUSE-SU-2022:2641-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186918
SUSE Bug 1186918
https://www.suse.com/security/cve/CVE-2021-34557/
SUSE CVE CVE-2021-34557 page

Описание

XScreenSaver 5.45 can be bypassed if the machine has more than ten disconnectable video outputs. A buffer overflow in update_screen_layout() allows an attacker to bypass the standard screen lock authentication mechanism by crashing XScreenSaver. The attacker must physically disconnect many video outputs.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP3:xscreensaver-5.44-150000.5.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP3:xscreensaver-data-5.44-150000.5.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP3:xscreensaver-lang-5.44-150000.5.6.1

openSUSE Leap 15.3:xscreensaver-5.44-150000.5.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-34557.html
CVE-2021-34557
https://bugzilla.suse.com/1186918
SUSE Bug 1186918

SUSE-SU-2022:2641-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP3

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-34557

Описание

Затронутые продукты

Ссылки