Описание
Security update for lxterminal
This update for lxterminal fixes the following security issue:
- CVE-2016-10369: insecure /tmp usage for a socket file (boo#1038127)
Список пакетов
openSUSE Leap 42.2
lxterminal-0.2.0-7.1
lxterminal-lang-0.2.0-7.1
openSUSE Leap 42.3
lxterminal-0.2.0-7.1
lxterminal-lang-0.2.0-7.1
Ссылки
- E-Mail link for openSUSE-SU-2018:0149-1
- SUSE Security Ratings
Описание
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
Затронутые продукты
openSUSE Leap 42.2:lxterminal-0.2.0-7.1
openSUSE Leap 42.2:lxterminal-lang-0.2.0-7.1
openSUSE Leap 42.3:lxterminal-0.2.0-7.1
openSUSE Leap 42.3:lxterminal-lang-0.2.0-7.1
Ссылки
- CVE-2016-10369
- SUSE Bug 1038127