| Revision Date: | 2019-12-05 | Version: | 1 |
| Title: | Security update for permissions (Moderate) |
| Description: |
This update for permissions fixes the following issues:
Security issues fixed:
- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary (bsc#1093414). - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links (bsc#1150734).
Other issue addressed:
- Corrected a badly constracted file which could have allowed treating of the shell environment as permissions files (bsc#1097665,bsc#1047247). - Fixed a regression which caused sagmentation fault (bsc#1157198).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1047247
1093414
1097665
1150734
1157198
CVE-2019-3688
CVE-2019-3690
SUSE-SU-2019:3183-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP4
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed AND permissions-20170707-3.14.1 is installed
|