Описание
Security update for opensuse-welcome
This update for opensuse-welcome fixes the following issues:
- CVE-2023-32184: Fixed possible security issues when using the feature to change the Xfce desktop layout, caused by a fixed temporary file path used in /tmp/layout (boo#1213708)
Список пакетов
SUSE Package Hub 15 SP4
opensuse-welcome-0.1.9+git.0.66be0d8-bp154.2.6.1
opensuse-welcome-lang-0.1.9+git.0.66be0d8-bp154.2.6.1
openSUSE Leap 15.4
opensuse-welcome-0.1.9+git.0.66be0d8-bp154.2.6.1
opensuse-welcome-lang-0.1.9+git.0.66be0d8-bp154.2.6.1
Ссылки
- E-Mail link for openSUSE-SU-2023:0230-1
- SUSE Security Ratings
- SUSE Bug 1213708
- SUSE CVE CVE-2023-32184 page
Описание
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a.
Затронутые продукты
SUSE Package Hub 15 SP4:opensuse-welcome-0.1.9+git.0.66be0d8-bp154.2.6.1
SUSE Package Hub 15 SP4:opensuse-welcome-lang-0.1.9+git.0.66be0d8-bp154.2.6.1
openSUSE Leap 15.4:opensuse-welcome-0.1.9+git.0.66be0d8-bp154.2.6.1
openSUSE Leap 15.4:opensuse-welcome-lang-0.1.9+git.0.66be0d8-bp154.2.6.1
Ссылки
- CVE-2023-32184
- SUSE Bug 1213708