openSUSE-SU-2018:4272-1

Опубликовано: 22 дек. 2018

Источник: suse-cvrf

Описание

Security update for yast2-rmt

This update for yast2-rmt to version 1.1.12 fixes the following issues:

Security issue fixed:

CVE-2018-17957: Secure MySQL credentials by not exposing them on the command line (bsc#1117602)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

yast2-rmt-1.1.2-lp150.2.12.1

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.html
E-Mail link for openSUSE-SU-2018:4272-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database.

Затронутые продукты

openSUSE Leap 15.0:yast2-rmt-1.1.2-lp150.2.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-17957.html
CVE-2018-17957
https://bugzilla.suse.com/1117602
SUSE Bug 1117602

openSUSE-SU-2018:4272-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2018-17957

Описание

Затронутые продукты

Ссылки