Описание
Security update for gdm
This update for gdm fixes the following issues:
- Exit with failure if loading existing users fails (bsc#1178150 CVE-2020-16125).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
gdm-3.34.1-lp152.6.9.1
gdm-branding-upstream-3.34.1-lp152.6.9.1
gdm-devel-3.34.1-lp152.6.9.1
gdm-lang-3.34.1-lp152.6.9.1
gdm-systemd-3.34.1-lp152.6.9.1
gdmflexiserver-3.34.1-lp152.6.9.1
libgdm1-3.34.1-lp152.6.9.1
typelib-1_0-Gdm-1_0-3.34.1-lp152.6.9.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1961-1
- SUSE Security Ratings
- SUSE Bug 1178150
- SUSE CVE CVE-2020-16125 page
Описание
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.
Затронутые продукты
openSUSE Leap 15.2:gdm-3.34.1-lp152.6.9.1
openSUSE Leap 15.2:gdm-branding-upstream-3.34.1-lp152.6.9.1
openSUSE Leap 15.2:gdm-devel-3.34.1-lp152.6.9.1
openSUSE Leap 15.2:gdm-lang-3.34.1-lp152.6.9.1
Ссылки
- CVE-2020-16125
- SUSE Bug 1140851
- SUSE Bug 1178150