You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa calamares

Sigurnosni nedostatak programskog paketa calamares

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2020-73471e6414
2020-10-23 22:01:02.263265
——————————————————————————–

Name : calamares
Product : Fedora 33
Version : 3.2.11
Release : 14.fc33
URL : https://protect2.fireeye.com/v1/url?k=e792424b-bb80f64f-e795df87-000babd90757-0777186cabde4aff&q=1&e=ee5a042a-a646-4a89-84a7-31eae6148480&u=https%3A%2F%2Fcalamares.io%2F
Summary : Installer from a live CD/DVD/USB to disk
Description :
Calamares is a distribution-independent installer framework, designed to install
from a live CD/DVD/USB environment to a hard disk. It includes a graphical
installation program based on Qt 5. This package includes the Calamares
framework and the required configuration files to produce a working replacement
for Anaconda’s liveinst.

——————————————————————————–
Update Information:

Update kpmcore to 4.2.0 and rebuild all dependent packages. This update also
fixes CVE-2020-27187.
——————————————————————————–
ChangeLog:

* Sat Oct 17 2020 Mattia Verga <mattia.verga@protonmail.com> – 3.2.11-14
– Rebuilt for kpmcore 4.2.0
* Sat Oct 17 2020 Mamoru TASAKA <mtasaka@fedoraproject.org> – 3.2.11-13
– Workaround for FTBFS
– Workaround for %cmake_kf5 forcely undefining %__cmake_in_source_build
– Upstream patch for missing header include
– Kill python bytecompile for now
* Sat Aug 1 2020 Fedora Release Engineering <releng@fedoraproject.org> – 3.2.11-12
– Second attempt – Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Adam Jackson <ajax@redhat.com> – 3.2.11-11
– Require setxkbmap not xorg-x11-xkb-utils
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> – 3.2.11-10
– Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 24 2020 Jeff Law <law@redhat.com> – 3.2.11-10
– Use __cmake_in_source_build
——————————————————————————–
References:

[ 1 ] Bug #1890199 – CVE-2020-27187 kpmcore: kpmcore_externalcommand helper can be exploited in local privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=1890199
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-73471e6414’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=57e346b6-0bf1f2b2-57e4db7a-000babd90757-a5239afd245605bc&q=1&e=ee5a042a-a646-4a89-84a7-31eae6148480&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorBruno Varga
Cert idNCERT-REF-2020-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa kpmcore

Otkriven je sigurnosni nedostatak u programskom paketu kpmcore za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje stjecanje uvećanih ovlasti....

Close