Описание
Security update for audacity
This update for audacity fixes the following issues:
- CVE-2020-11867: Avoid saving temporary files to /var/tmp/audacity-$USER by default, which permissions are set to 755. (bsc#1179449)
Список пакетов
SUSE Package Hub 15 SP1
audacity-2.2.2-bp152.4.3.1
audacity-lang-2.2.2-bp152.4.3.1
SUSE Package Hub 15 SP2
audacity-2.2.2-bp152.4.3.1
audacity-lang-2.2.2-bp152.4.3.1
openSUSE Leap 15.1
audacity-2.2.2-bp152.4.3.1
audacity-lang-2.2.2-bp152.4.3.1
openSUSE Leap 15.2
audacity-2.2.2-bp152.4.3.1
audacity-lang-2.2.2-bp152.4.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:2261-1
- SUSE Security Ratings
- SUSE Bug 1179449
- SUSE CVE CVE-2020-11867 page
Описание
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
Затронутые продукты
SUSE Package Hub 15 SP1:audacity-2.2.2-bp152.4.3.1
SUSE Package Hub 15 SP1:audacity-lang-2.2.2-bp152.4.3.1
SUSE Package Hub 15 SP2:audacity-2.2.2-bp152.4.3.1
SUSE Package Hub 15 SP2:audacity-lang-2.2.2-bp152.4.3.1
Ссылки
- CVE-2020-11867
- SUSE Bug 1179449