Описание
Security update for libosinfo
This update for libosinfo fixes the following issues:
- CVE-2019-13313: Fixed password leak via command line argument inside osinfo-install-script (bsc#1140749).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
libosinfo-1.2.0-3.3.2
libosinfo-1_0-0-1.2.0-3.3.2
libosinfo-lang-1.2.0-3.3.2
typelib-1_0-Libosinfo-1_0-1.2.0-3.3.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libosinfo-1.2.0-3.3.2
libosinfo-1_0-0-1.2.0-3.3.2
libosinfo-lang-1.2.0-3.3.2
typelib-1_0-Libosinfo-1_0-1.2.0-3.3.2
SUSE Linux Enterprise Software Development Kit 12 SP5
libosinfo-devel-1.2.0-3.3.2
Ссылки
- Link for SUSE-SU-2024:1700-1
- E-Mail link for SUSE-SU-2024:1700-1
- SUSE Security Ratings
- SUSE Bug 1140749
- SUSE CVE CVE-2019-13313 page
Описание
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libosinfo-1.2.0-3.3.2
SUSE Linux Enterprise Server 12 SP5:libosinfo-1_0-0-1.2.0-3.3.2
SUSE Linux Enterprise Server 12 SP5:libosinfo-lang-1.2.0-3.3.2
SUSE Linux Enterprise Server 12 SP5:typelib-1_0-Libosinfo-1_0-1.2.0-3.3.2
Ссылки
- CVE-2019-13313
- SUSE Bug 1140749