SUSE-SU-2023:3190-1

Опубликовано: 03 авг. 2023

Источник: suse-cvrf

Описание

Security update for xtrans

This update for xtrans fixes the following issues:

CVE-2020-25697: Fixed local privilege escalation via TRANS_ABSTRACT on the client side (bsc#1178613).

Список пакетов

Image SLES15-SP3-SAPCAL-Azure

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP3-SAPCAL-EC2-HVM

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP3-SAPCAL-GCE

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAP

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAP-Azure

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAP-EC2

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAP-GCE

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAPCAL

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAPCAL-Azure

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAPCAL-EC2

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAPCAL-GCE

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP5-SAPCAL-Azure

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP5-SAPCAL-EC2

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP5-SAPCAL-GCE

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAP

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAP-Azure

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAP-EC2

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAP-GCE

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAPCAL

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAPCAL-Azure

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAPCAL-EC2

xtrans-1.3.5-150000.3.3.1

Image SLES15-SP6-SAPCAL-GCE

xtrans-1.3.5-150000.3.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

xtrans-1.3.5-150000.3.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP5

xtrans-1.3.5-150000.3.3.1

SUSE Linux Enterprise Real Time 15 SP3

xtrans-1.3.5-150000.3.3.1

openSUSE Leap 15.4

xtrans-1.3.5-150000.3.3.1

openSUSE Leap 15.5

xtrans-1.3.5-150000.3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233190-1/
Link for SUSE-SU-2023:3190-1
https://lists.suse.com/pipermail/sle-updates/2023-August/030792.html
E-Mail link for SUSE-SU-2023:3190-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1178613
SUSE Bug 1178613
https://www.suse.com/security/cve/CVE-2020-25697/
SUSE CVE CVE-2020-25697 page

Описание

A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.

Затронутые продукты

Image SLES15-SP3-SAPCAL-Azure:xtrans-1.3.5-150000.3.3.1

Image SLES15-SP3-SAPCAL-EC2-HVM:xtrans-1.3.5-150000.3.3.1

Image SLES15-SP3-SAPCAL-GCE:xtrans-1.3.5-150000.3.3.1

Image SLES15-SP4-SAP-Azure:xtrans-1.3.5-150000.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-25697.html
CVE-2020-25697
https://bugzilla.suse.com/1178613
SUSE Bug 1178613

SUSE-SU-2023:3190-1

Описание

Список пакетов

Image SLES15-SP3-SAPCAL-Azure

Image SLES15-SP3-SAPCAL-EC2-HVM

Image SLES15-SP3-SAPCAL-GCE

Image SLES15-SP4-SAP

Image SLES15-SP4-SAP-Azure

Image SLES15-SP4-SAP-EC2

Image SLES15-SP4-SAP-GCE

Image SLES15-SP4-SAPCAL

Image SLES15-SP4-SAPCAL-Azure

Image SLES15-SP4-SAPCAL-EC2

Image SLES15-SP4-SAPCAL-GCE

Image SLES15-SP5-SAPCAL-Azure

Image SLES15-SP5-SAPCAL-EC2

Image SLES15-SP5-SAPCAL-GCE

Image SLES15-SP6-SAP

Image SLES15-SP6-SAP-Azure

Image SLES15-SP6-SAP-EC2

Image SLES15-SP6-SAP-GCE

Image SLES15-SP6-SAPCAL

Image SLES15-SP6-SAPCAL-Azure

Image SLES15-SP6-SAPCAL-EC2

Image SLES15-SP6-SAPCAL-GCE

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Basesystem 15 SP5

SUSE Linux Enterprise Real Time 15 SP3

openSUSE Leap 15.4

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2020-25697

Описание

Затронутые продукты

Ссылки