Oval Definition:oval:org.opensuse.security:def:2704
Revision Date:2020-12-02Version:1
Title:Security update for gvfs (Important)
Description:

This update for gvfs fixes the following issues:

Security issues fixed: - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). - CVE-2019-12449: Fixed an improper handling of file's user and group ownership in daemon/gvfsbackendadmin.c (bsc#1136992). - CVE-2019-12448: Fixed race conditions in daemon/gvfsbackendadmin.c due to implementation of query_info_on_read/write at admin backend (bsc#1136981).

Other issue addressed: - Drop polkit rules files that are only relevant for wheel group (bsc#1125433).
Family:unixClass:patch
Status:Reference(s):1069904
1084645
1085416
1086613
1087240
1096748
1099162
1100523
1101262
1103557
1104918
1111177
1112028
1114567
1116708
1117025
1117963
1117964
1117965
1117966
1117967
1120507
1121563
1122000
1122895
1123333
1123727
1123892
1124153
1125352
1125433
1128829
1128963
1131233
1131237
1131239
1131241
1131245
1135114
1136981
1136986
1136992
1137930
1141980
1154370
1154804
1154805
1155198
1155205
1155298
1155678
1155819
1156158
1157377
1158763
1159646
1159922
1159923
1159924
1159927
CVE-2016-1000031
CVE-2017-14804
CVE-2018-0886
CVE-2018-1000852
CVE-2018-10861
CVE-2018-1128
CVE-2018-1129
CVE-2018-13440
CVE-2018-14662
CVE-2018-16846
CVE-2018-8784
CVE-2018-8785
CVE-2018-8786
CVE-2018-8787
CVE-2018-8788
CVE-2018-8789
CVE-2019-0196
CVE-2019-0197
CVE-2019-0211
CVE-2019-0217
CVE-2019-0220
CVE-2019-11045
CVE-2019-11046
CVE-2019-11047
CVE-2019-11050
CVE-2019-12447
CVE-2019-12448
CVE-2019-12449
CVE-2019-12795
CVE-2019-13619
CVE-2019-17571
CVE-2019-17626
CVE-2019-18900
CVE-2019-6454
SUSE-SU-2019:0387-1
SUSE-SU-2019:0426-1
SUSE-SU-2019:0539-1
SUSE-SU-2019:0586-1
SUSE-SU-2019:0873-1
SUSE-SU-2019:0940-1
SUSE-SU-2019:1212-2
SUSE-SU-2019:1717-1
SUSE-SU-2019:2103-1
SUSE-SU-2020:0053-1
SUSE-SU-2020:0087-1
SUSE-SU-2020:0101-1
SUSE-SU-2020:0255-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Toolchain 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Package Hub for SUSE Linux Enterprise 12 SP1
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND haproxy-1.5.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND Package Information
  • krb5-mini-1.12.1-22.2 is installed
  • OR krb5-mini-devel-1.12.1-22.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • ecryptfs-utils-103-5 is installed
  • OR ecryptfs-utils-32bit-103-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • cpp48-4.8.5-24 is installed
  • OR gcc48-4.8.5-24 is installed
  • OR gcc48-32bit-4.8.5-24 is installed
  • OR gcc48-c++-4.8.5-24 is installed
  • OR gcc48-gij-4.8.5-24 is installed
  • OR gcc48-gij-32bit-4.8.5-24 is installed
  • OR gcc48-info-4.8.5-24 is installed
  • OR libasan0-4.8.5-24 is installed
  • OR libasan0-32bit-4.8.5-24 is installed
  • OR libgcj48-4.8.5-24 is installed
  • OR libgcj48-32bit-4.8.5-24 is installed
  • OR libgcj48-jar-4.8.5-24 is installed
  • OR libgcj_bc1-4.8.5-24 is installed
  • OR libstdc++48-devel-4.8.5-24 is installed
  • OR libstdc++48-devel-32bit-4.8.5-24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • kernel-default-4.4.59-92.24 is installed
  • OR kernel-default-devel-4.4.59-92.24 is installed
  • OR kernel-default-extra-4.4.59-92.24 is installed
  • OR kernel-devel-4.4.59-92.24 is installed
  • OR kernel-macros-4.4.59-92.24 is installed
  • OR kernel-source-4.4.59-92.24 is installed
  • OR kernel-syms-4.4.59-92.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libwireshark9-2.4.9-48.29 is installed
  • OR libwiretap7-2.4.9-48.29 is installed
  • OR libwscodecs1-2.4.9-48.29 is installed
  • OR libwsutil8-2.4.9-48.29 is installed
  • OR wireshark-2.4.9-48.29 is installed
  • OR wireshark-gtk-2.4.9-48.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND haproxy-1.6.5-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND ctdb-4.6.5+git.27.6afd48b1083-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND fence-agents-4.2.1+git.1537269352.7b1fd536-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-150.35 is installed
  • OR dlm-kmp-default-4.12.14-150.35 is installed
  • OR gfs2-kmp-default-4.12.14-150.35 is installed
  • OR kernel-default-4.12.14-150.35 is installed
  • OR ocfs2-kmp-default-4.12.14-150.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • libqb-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb-devel-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb-tests-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb-tools-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb20-1.0.3+20190326.a521604-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • python-Werkzeug-0.12.2-3.3 is installed
  • OR python2-Werkzeug-0.12.2-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • gvfs-1.34.2.1-4.13 is installed
  • OR gvfs-backend-afc-1.34.2.1-4.13 is installed
  • OR gvfs-backend-samba-1.34.2.1-4.13 is installed
  • OR gvfs-backends-1.34.2.1-4.13 is installed
  • OR gvfs-devel-1.34.2.1-4.13 is installed
  • OR gvfs-fuse-1.34.2.1-4.13 is installed
  • OR gvfs-lang-1.34.2.1-4.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 is installed
  • AND Package Information
  • libpmi0-17.11.13-6.18 is installed
  • OR libslurm32-17.11.13-6.18 is installed
  • OR perl-slurm-17.11.13-6.18 is installed
  • OR slurm-17.11.13-6.18 is installed
  • OR slurm-auth-none-17.11.13-6.18 is installed
  • OR slurm-config-17.11.13-6.18 is installed
  • OR slurm-devel-17.11.13-6.18 is installed
  • OR slurm-doc-17.11.13-6.18 is installed
  • OR slurm-lua-17.11.13-6.18 is installed
  • OR slurm-munge-17.11.13-6.18 is installed
  • OR slurm-node-17.11.13-6.18 is installed
  • OR slurm-pam_slurm-17.11.13-6.18 is installed
  • OR slurm-plugins-17.11.13-6.18 is installed
  • OR slurm-slurmdbd-17.11.13-6.18 is installed
  • OR slurm-sql-17.11.13-6.18 is installed
  • OR slurm-torque-17.11.13-6.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed
  • AND Package Information
  • libmunge2-0.5.13-4.3 is installed
  • OR munge-0.5.13-4.3 is installed
  • OR munge-devel-0.5.13-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.6 is installed
  • OR reiserfs-kmp-default-4.12.14-25.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.212-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.6 is installed
  • OR kernel-default-livepatch-4.12.14-25.6 is installed
  • OR kernel-livepatch-4_12_14-25_6-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_2-1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.7 is installed
  • OR kernel-default-livepatch-4.12.14-197.7 is installed
  • OR kernel-default-livepatch-devel-4.12.14-197.7 is installed
  • OR kernel-livepatch-4_12_14-197_7-default-1-3.3 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_2-1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • build-20190128-3.3 is installed
  • OR build-mkdrpms-20190128-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • jakarta-commons-fileupload-1.1.1-4.3 is installed
  • OR jakarta-commons-fileupload-javadoc-1.1.1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.16 is installed
  • OR kernel-azure-base-4.12.14-5.16 is installed
  • OR kernel-azure-devel-4.12.14-5.16 is installed
  • OR kernel-devel-azure-4.12.14-5.16 is installed
  • OR kernel-source-azure-4.12.14-5.16 is installed
  • OR kernel-syms-azure-4.12.14-5.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • dpdk-17.11.2-3.2 is installed
  • OR dpdk-devel-17.11.2-3.2 is installed
  • OR dpdk-kmp-default-17.11.2_k4.12.14_23-3.2 is installed
  • OR dpdk-thunderx-17.11.2-3.2 is installed
  • OR dpdk-thunderx-devel-17.11.2-3.2 is installed
  • OR dpdk-thunderx-kmp-default-17.11.2_k4.12.14_23-3.2 is installed
  • OR dpdk-tools-17.11.2-3.2 is installed
  • OR libdpdk-17_11-0-17.11.2-3.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Toolchain 12 is installed
  • AND Package Information
  • cpp5-5.3.1+r233831-9 is installed
  • OR gcc5-5.3.1+r233831-9 is installed
  • OR gcc5-c++-5.3.1+r233831-9 is installed
  • OR gcc5-fortran-5.3.1+r233831-9 is installed
  • OR gcc5-info-5.3.1+r233831-9 is installed
  • OR gcc5-locale-5.3.1+r233831-9 is installed
  • OR libffi-devel-gcc5-5.3.1+r233831-9 is installed
  • OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php7-7.0.7-15 is installed
  • OR php7-7.0.7-15 is installed
  • OR php7-bcmath-7.0.7-15 is installed
  • OR php7-bz2-7.0.7-15 is installed
  • OR php7-calendar-7.0.7-15 is installed
  • OR php7-ctype-7.0.7-15 is installed
  • OR php7-curl-7.0.7-15 is installed
  • OR php7-dba-7.0.7-15 is installed
  • OR php7-dom-7.0.7-15 is installed
  • OR php7-enchant-7.0.7-15 is installed
  • OR php7-exif-7.0.7-15 is installed
  • OR php7-fastcgi-7.0.7-15 is installed
  • OR php7-fileinfo-7.0.7-15 is installed
  • OR php7-fpm-7.0.7-15 is installed
  • OR php7-ftp-7.0.7-15 is installed
  • OR php7-gd-7.0.7-15 is installed
  • OR php7-gettext-7.0.7-15 is installed
  • OR php7-gmp-7.0.7-15 is installed
  • OR php7-iconv-7.0.7-15 is installed
  • OR php7-imap-7.0.7-15 is installed
  • OR php7-intl-7.0.7-15 is installed
  • OR php7-json-7.0.7-15 is installed
  • OR php7-ldap-7.0.7-15 is installed
  • OR php7-mbstring-7.0.7-15 is installed
  • OR php7-mcrypt-7.0.7-15 is installed
  • OR php7-mysql-7.0.7-15 is installed
  • OR php7-odbc-7.0.7-15 is installed
  • OR php7-opcache-7.0.7-15 is installed
  • OR php7-openssl-7.0.7-15 is installed
  • OR php7-pcntl-7.0.7-15 is installed
  • OR php7-pdo-7.0.7-15 is installed
  • OR php7-pear-7.0.7-15 is installed
  • OR php7-pear-Archive_Tar-7.0.7-15 is installed
  • OR php7-pgsql-7.0.7-15 is installed
  • OR php7-phar-7.0.7-15 is installed
  • OR php7-posix-7.0.7-15 is installed
  • OR php7-pspell-7.0.7-15 is installed
  • OR php7-shmop-7.0.7-15 is installed
  • OR php7-snmp-7.0.7-15 is installed
  • OR php7-soap-7.0.7-15 is installed
  • OR php7-sockets-7.0.7-15 is installed
  • OR php7-sqlite-7.0.7-15 is installed
  • OR php7-sysvmsg-7.0.7-15 is installed
  • OR php7-sysvsem-7.0.7-15 is installed
  • OR php7-sysvshm-7.0.7-15 is installed
  • OR php7-tokenizer-7.0.7-15 is installed
  • OR php7-wddx-7.0.7-15 is installed
  • OR php7-xmlreader-7.0.7-15 is installed
  • OR php7-xmlrpc-7.0.7-15 is installed
  • OR php7-xmlwriter-7.0.7-15 is installed
  • OR php7-xsl-7.0.7-15 is installed
  • OR php7-zip-7.0.7-15 is installed
  • OR php7-zlib-7.0.7-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs8-8.16.1-3.20 is installed
  • OR nodejs8-devel-8.16.1-3.20 is installed
  • OR nodejs8-docs-8.16.1-3.20 is installed
  • OR npm8-8.16.1-3.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libsmi-0.4.8-18 is installed
  • OR libsmi2-0.4.8-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_44-52_18-default-6-2.2 is installed
  • OR kgraft-patch-3_12_44-52_18-xen-6-2.2 is installed
  • OR kgraft-patch-SLE12_Update_7-6-2.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND libXext-devel-1.3.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND gnome-settings-daemon-devel-3.20.1-40.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND enigmail-2.0.7-3.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.17 is installed
  • OR libavcodec-devel-3.4.2-4.17 is installed
  • OR libavformat-devel-3.4.2-4.17 is installed
  • OR libavformat57-3.4.2-4.17 is installed
  • OR libavresample-devel-3.4.2-4.17 is installed
  • OR libavresample3-3.4.2-4.17 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed
  • AND Package Information
  • kinit-5.20.0-6 is installed
  • OR kinit-devel-5.20.0-6 is installed
  • OR kinit-lang-5.20.0-6 is installed
    • BACK