Описание
Security update for PackageKit
This update for PackageKit fixes the following issue:
- CVE-2020-16121: Fixed an Information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal (bsc#1176930).
- Update summary and description of gstreamer-plugin and gtk3-module. (bsc#1104313)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
PackageKit-1.1.13-lp152.3.15.1
PackageKit-backend-dnf-1.1.13-lp152.3.15.1
PackageKit-backend-zypp-1.1.13-lp152.3.15.1
PackageKit-branding-upstream-1.1.13-lp152.3.15.1
PackageKit-devel-1.1.13-lp152.3.15.1
PackageKit-gstreamer-plugin-1.1.13-lp152.3.15.1
PackageKit-gtk3-module-1.1.13-lp152.3.15.1
PackageKit-lang-1.1.13-lp152.3.15.1
libpackagekit-glib2-18-1.1.13-lp152.3.15.1
libpackagekit-glib2-18-32bit-1.1.13-lp152.3.15.1
libpackagekit-glib2-devel-1.1.13-lp152.3.15.1
libpackagekit-glib2-devel-32bit-1.1.13-lp152.3.15.1
typelib-1_0-PackageKitGlib-1_0-1.1.13-lp152.3.15.1
Ссылки
- E-Mail link for openSUSE-SU-2020:2344-1
- SUSE Security Ratings
- SUSE Bug 1104313
- SUSE Bug 1176930
- SUSE CVE CVE-2020-16121 page
Описание
PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.
Затронутые продукты
openSUSE Leap 15.2:PackageKit-1.1.13-lp152.3.15.1
openSUSE Leap 15.2:PackageKit-backend-dnf-1.1.13-lp152.3.15.1
openSUSE Leap 15.2:PackageKit-backend-zypp-1.1.13-lp152.3.15.1
openSUSE Leap 15.2:PackageKit-branding-upstream-1.1.13-lp152.3.15.1
Ссылки
- CVE-2020-16121
- SUSE Bug 1176930