openSUSE-SU-2020:1272-1

Опубликовано: 27 авг. 2020

Источник: suse-cvrf

Описание

Security update for inn

This update for inn fixes the following issues:

change file owners in /usr/lib/news to root [boo#1172573] [CVE-2020-8026]

Список пакетов

openSUSE Leap 15.2

inn-2.6.2-lp152.2.3.1

inn-devel-2.6.2-lp152.2.3.1

mininews-2.6.2-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5AHQWOZSB3POCF7B7QNSKINNAC7DUZXD/
E-Mail link for openSUSE-SU-2020:1272-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1172573
SUSE Bug 1172573
https://www.suse.com/security/cve/CVE-2020-8026/
SUSE CVE CVE-2020-8026 page

Описание

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.

Затронутые продукты

openSUSE Leap 15.2:inn-2.6.2-lp152.2.3.1

openSUSE Leap 15.2:inn-devel-2.6.2-lp152.2.3.1

openSUSE Leap 15.2:mininews-2.6.2-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-8026.html
CVE-2020-8026
https://bugzilla.suse.com/1172573
SUSE Bug 1172573

openSUSE-SU-2020:1272-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-8026

Описание

Затронутые продукты

Ссылки