Oval Definition:oval:org.opensuse.security:def:90161
Revision Date:2019-07-04Version:1
Title:Security update for libu2f-host, pam_u2f (Moderate)
Description:

This update for libu2f-host and pam_u2f to version 1.0.8 fixes the following issues:

Security issues fixed for libu2f-host:

- CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response (bsc#1128140).

Security issues fixed for pam_u2f:

- CVE-2019-12209: Fixed an issue where symlinks in the user's directory were followed (bsc#1135729). - CVE-2019-12210: Fixed file descriptor leaks (bsc#1135727).
Family:unixClass:patch
Status:Reference(s):1128140
1135727
1135729
CVE-2019-12209
CVE-2019-12210
CVE-2019-9578
SUSE-SU-2019:1750-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libu2f-host-devel-1.1.6-3.6.1 is installed
  • OR libu2f-host0-1.1.6-3.6.1 is installed
  • OR pam_u2f-1.0.8-3.3.1 is installed
    • BACK