openSUSE-SU-2019:1851-2

Опубликовано: 13 авг. 2019

Источник: suse-cvrf

Описание

Security update for kconfig, kdelibs4

This update for kconfig, kdelibs4 fixes the following issues:

CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600).

Список пакетов

SUSE Package Hub 12 SP1

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

SUSE Package Hub 12 SP2

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

SUSE Package Hub 12 SP3

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

SUSE Package Hub 15

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

SUSE Package Hub 15 SP1

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

openSUSE Leap 15.0

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

openSUSE Leap 15.1

kconf_update5-5.55.0-bp151.3.5.1

kconfig-devel-5.55.0-bp151.3.5.1

kconfig-devel-32bit-5.55.0-lp151.2.5.1

kconfig-devel-64bit-5.55.0-bp151.3.5.1

kdelibs4-4.14.38-bp151.9.5.1

kdelibs4-apidocs-4.14.38-bp151.9.5.1

kdelibs4-branding-upstream-4.14.38-bp151.9.5.1

kdelibs4-core-4.14.38-bp151.9.5.1

kdelibs4-doc-4.14.38-bp151.9.5.1

libKF5ConfigCore5-5.55.0-bp151.3.5.1

libKF5ConfigCore5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1

libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1

libKF5ConfigGui5-5.55.0-bp151.3.5.1

libKF5ConfigGui5-32bit-5.55.0-lp151.2.5.1

libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1

libkde4-4.14.38-bp151.9.5.1

libkde4-32bit-4.14.38-lp151.9.5.1

libkde4-64bit-4.14.38-bp151.9.5.1

libkde4-devel-4.14.38-bp151.9.5.1

libkdecore4-4.14.38-bp151.9.5.1

libkdecore4-32bit-4.14.38-lp151.9.5.1

libkdecore4-64bit-4.14.38-bp151.9.5.1

libkdecore4-devel-4.14.38-bp151.9.5.1

libksuseinstall-devel-4.14.38-bp151.9.5.1

libksuseinstall1-4.14.38-bp151.9.5.1

libksuseinstall1-32bit-4.14.38-lp151.9.5.1

libksuseinstall1-64bit-4.14.38-bp151.9.5.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZQO5EYPXIVZ5HZPEQ377KQFRRENZNQJI/#ZQO5EYPXIVZ5HZPEQ377KQFRRENZNQJI
E-Mail link for openSUSE-SU-2019:1851-2
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1144600
SUSE Bug 1144600
https://www.suse.com/security/cve/CVE-2019-14744/
SUSE CVE CVE-2019-14744 page

Описание

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.

Затронутые продукты

SUSE Package Hub 12 SP1:kconf_update5-5.55.0-bp151.3.5.1

SUSE Package Hub 12 SP1:kconfig-devel-32bit-5.55.0-lp151.2.5.1

SUSE Package Hub 12 SP1:kconfig-devel-5.55.0-bp151.3.5.1

SUSE Package Hub 12 SP1:kconfig-devel-64bit-5.55.0-bp151.3.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-14744.html
CVE-2019-14744
https://bugzilla.suse.com/1144600
SUSE Bug 1144600

openSUSE-SU-2019:1851-2

Описание

Список пакетов

SUSE Package Hub 12 SP1

SUSE Package Hub 12 SP2

SUSE Package Hub 12 SP3

SUSE Package Hub 15

SUSE Package Hub 15 SP1

openSUSE Leap 15.0

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2019-14744

Описание

Затронутые продукты

Ссылки