openSUSE-SU-2020:0234-1

Опубликовано: 19 фев. 2020

Источник: suse-cvrf

Описание

Security update for inn

This update for inn fixes the following issues:

CVE-2019-3692: Fixed a local privilage escalation from user to 'news' (bsc#1154302).

Список пакетов

openSUSE Leap 15.1

inn-2.5.4-lp151.3.3.1

inn-devel-2.5.4-lp151.3.3.1

mininews-2.5.4-lp151.3.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OLHPC73I5ZJXQPJ562MM2X3IHXTVMMXM/
E-Mail link for openSUSE-SU-2020:0234-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1154302
SUSE Bug 1154302
https://www.suse.com/security/cve/CVE-2019-3692/
SUSE CVE CVE-2019-3692 page

Описание

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.

Затронутые продукты

openSUSE Leap 15.1:inn-2.5.4-lp151.3.3.1

openSUSE Leap 15.1:inn-devel-2.5.4-lp151.3.3.1

openSUSE Leap 15.1:mininews-2.5.4-lp151.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-3692.html
CVE-2019-3692
https://bugzilla.suse.com/1154062
SUSE Bug 1154062
https://bugzilla.suse.com/1154302
SUSE Bug 1154302

openSUSE-SU-2020:0234-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2019-3692

Описание

Затронутые продукты

Ссылки