Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2019:1697-1

Опубликовано: 07 июл. 2019
Источник: suse-cvrf

Описание

Security update for gvfs

This update for gvfs fixes the following issues:

Security issues fixed:

  • CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930).
  • CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986).
  • CVE-2019-12449: Fixed an improper handling of file's user and group ownership
    in daemon/gvfsbackendadmin.c (bsc#1136992).
  • CVE-2019-12448: Fixed race conditions in daemon/gvfsbackendadmin.c due to implementation of query_info_on_read/write at admin backend (bsc#1136981).

Other issue addressed:

  • Drop polkit rules files that are only relevant for wheel group (bsc#1125433).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.1
gvfs-1.34.2.1-lp151.6.3.1
gvfs-32bit-1.34.2.1-lp151.6.3.1
gvfs-backend-afc-1.34.2.1-lp151.6.3.1
gvfs-backend-samba-1.34.2.1-lp151.6.3.1
gvfs-backends-1.34.2.1-lp151.6.3.1
gvfs-devel-1.34.2.1-lp151.6.3.1
gvfs-fuse-1.34.2.1-lp151.6.3.1
gvfs-lang-1.34.2.1-lp151.6.3.1

Ссылки

Описание

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.

Затронутые продукты
openSUSE Leap 15.1:gvfs-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-32bit-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-afc-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-samba-1.34.2.1-lp151.6.3.1
Ссылки

Описание

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.

Затронутые продукты
openSUSE Leap 15.1:gvfs-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-32bit-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-afc-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-samba-1.34.2.1-lp151.6.3.1
Ссылки

Описание

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.

Затронутые продукты
openSUSE Leap 15.1:gvfs-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-32bit-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-afc-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-samba-1.34.2.1-lp151.6.3.1
Ссылки

Описание

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)

Затронутые продукты
openSUSE Leap 15.1:gvfs-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-32bit-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-afc-1.34.2.1-lp151.6.3.1
openSUSE Leap 15.1:gvfs-backend-samba-1.34.2.1-lp151.6.3.1
Ссылки