You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa kauth i kdelibs4

Sigurnosni nedostatak programskog paketa kauth i kdelibs4

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

openSUSE Security Update: Security update for kauth, kdelibs4
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:1272-1
Rating: important
References: #1036244
Cross-References: CVE-2017-8422
Affected Products:
openSUSE Leap 42.2
openSUSE Leap 42.1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for kauth and kdelibs4 fixes the following issues:

– CVE-2017-8422: logic flaw in the KAuth framework allowed privilege
escalation (boo#1036244).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-575=1

– openSUSE Leap 42.1:

zypper in -t patch openSUSE-2017-575=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– openSUSE Leap 42.2 (i586 x86_64):

kauth-debugsource-5.26.0-2.3.1
kauth-devel-5.26.0-2.3.1
kdelibs4-4.14.25-7.4.1
kdelibs4-branding-upstream-4.14.25-7.4.1
kdelibs4-core-4.14.25-7.4.1
kdelibs4-core-debuginfo-4.14.25-7.4.1
kdelibs4-debuginfo-4.14.25-7.4.1
kdelibs4-debugsource-4.14.25-7.4.1
kdelibs4-doc-4.14.25-7.4.1
kdelibs4-doc-debuginfo-4.14.25-7.4.1
libKF5Auth5-5.26.0-2.3.1
libKF5Auth5-debuginfo-5.26.0-2.3.1
libkde4-4.14.25-7.4.1
libkde4-debuginfo-4.14.25-7.4.1
libkde4-devel-4.14.25-7.4.1
libkdecore4-4.14.25-7.4.1
libkdecore4-debuginfo-4.14.25-7.4.1
libkdecore4-devel-4.14.25-7.4.1
libkdecore4-devel-debuginfo-4.14.25-7.4.1
libksuseinstall-devel-4.14.25-7.4.1
libksuseinstall1-4.14.25-7.4.1
libksuseinstall1-debuginfo-4.14.25-7.4.1

– openSUSE Leap 42.2 (x86_64):

kauth-devel-32bit-5.26.0-2.3.1
libKF5Auth5-32bit-5.26.0-2.3.1
libKF5Auth5-debuginfo-32bit-5.26.0-2.3.1
libkde4-32bit-4.14.25-7.4.1
libkde4-debuginfo-32bit-4.14.25-7.4.1
libkdecore4-32bit-4.14.25-7.4.1
libkdecore4-debuginfo-32bit-4.14.25-7.4.1
libksuseinstall1-32bit-4.14.25-7.4.1
libksuseinstall1-debuginfo-32bit-4.14.25-7.4.1

– openSUSE Leap 42.2 (noarch):

kdelibs4-apidocs-4.14.25-7.4.1
libKF5Auth5-lang-5.26.0-2.3.1

– openSUSE Leap 42.1 (i586 x86_64):

kauth-debugsource-5.21.0-16.1
kauth-devel-5.21.0-16.1
kdelibs4-4.14.18-18.1
kdelibs4-branding-upstream-4.14.18-18.1
kdelibs4-core-4.14.18-18.1
kdelibs4-core-debuginfo-4.14.18-18.1
kdelibs4-debuginfo-4.14.18-18.1
kdelibs4-debugsource-4.14.18-18.1
kdelibs4-doc-4.14.18-18.1
kdelibs4-doc-debuginfo-4.14.18-18.1
libKF5Auth5-5.21.0-16.1
libKF5Auth5-debuginfo-5.21.0-16.1
libkde4-4.14.18-18.1
libkde4-debuginfo-4.14.18-18.1
libkde4-devel-4.14.18-18.1
libkdecore4-4.14.18-18.1
libkdecore4-debuginfo-4.14.18-18.1
libkdecore4-devel-4.14.18-18.1
libkdecore4-devel-debuginfo-4.14.18-18.1
libksuseinstall-devel-4.14.18-18.1
libksuseinstall1-4.14.18-18.1
libksuseinstall1-debuginfo-4.14.18-18.1

– openSUSE Leap 42.1 (noarch):

kdelibs4-apidocs-4.14.18-18.1
libKF5Auth5-lang-5.21.0-16.1

– openSUSE Leap 42.1 (x86_64):

kauth-devel-32bit-5.21.0-16.1
libKF5Auth5-32bit-5.21.0-16.1
libKF5Auth5-debuginfo-32bit-5.21.0-16.1
libkde4-32bit-4.14.18-18.1
libkde4-debuginfo-32bit-4.14.18-18.1
libkdecore4-32bit-4.14.18-18.1
libkdecore4-debuginfo-32bit-4.14.18-18.1
libksuseinstall1-32bit-4.14.18-18.1
libksuseinstall1-debuginfo-32bit-4.14.18-18.1

References:

https://www.suse.com/security/cve/CVE-2017-8422.html
https://bugzilla.suse.com/1036244


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE Security Update: Security update for kauth, kdelibs4
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:1254-1
Rating: important
References: #1036244
Cross-References: CVE-2017-8422
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for kauth and kdelibs4 fixes the following issues:

– CVE-2017-8422: logic flaw in the KAuth framework allowed privilege
escalation (boo#1036244).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

– SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2017-575=1

To bring your system up-to-date, use “zypper patch”.

Package List:

– SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64):

kdelibs4-4.14.18-9.1
kdelibs4-4.14.25-8.2
kdelibs4-branding-upstream-4.14.18-9.1
kdelibs4-branding-upstream-4.14.25-8.2
kdelibs4-core-4.14.18-9.1
kdelibs4-core-4.14.25-8.2
kdelibs4-core-debuginfo-4.14.18-9.1
kdelibs4-core-debuginfo-4.14.25-8.2
kdelibs4-debuginfo-4.14.18-9.1
kdelibs4-debuginfo-4.14.25-8.2
kdelibs4-debugsource-4.14.18-9.1
kdelibs4-debugsource-4.14.25-8.2
kdelibs4-doc-4.14.18-9.1
kdelibs4-doc-4.14.25-8.2
kdelibs4-doc-debuginfo-4.14.18-9.1
kdelibs4-doc-debuginfo-4.14.25-8.2
libkde4-4.14.18-9.1
libkde4-4.14.25-8.2
libkde4-debuginfo-4.14.18-9.1
libkde4-debuginfo-4.14.25-8.2
libkde4-devel-4.14.18-9.1
libkde4-devel-4.14.25-8.2
libkdecore4-4.14.18-9.1
libkdecore4-4.14.25-8.2
libkdecore4-debuginfo-4.14.18-9.1
libkdecore4-debuginfo-4.14.25-8.2
libkdecore4-devel-4.14.18-9.1
libkdecore4-devel-4.14.25-8.2
libkdecore4-devel-debuginfo-4.14.18-9.1
libkdecore4-devel-debuginfo-4.14.25-8.2
libksuseinstall-devel-4.14.18-9.1
libksuseinstall-devel-4.14.25-8.2
libksuseinstall1-4.14.18-9.1
libksuseinstall1-4.14.25-8.2
libksuseinstall1-debuginfo-4.14.18-9.1
libksuseinstall1-debuginfo-4.14.25-8.2

– SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

kauth-debugsource-5.20.0-7.1
kauth-debugsource-5.26.0-6.1
kauth-devel-5.20.0-7.1
kauth-devel-5.26.0-6.1
libKF5Auth5-5.20.0-7.1
libKF5Auth5-5.26.0-6.1
libKF5Auth5-debuginfo-5.20.0-7.1
libKF5Auth5-debuginfo-5.26.0-6.1

– SUSE Package Hub for SUSE Linux Enterprise 12 (noarch):

kdelibs4-apidocs-4.14.18-9.1
kdelibs4-apidocs-4.14.25-8.2
libKF5Auth5-lang-5.20.0-7.1
libKF5Auth5-lang-5.26.0-6.1

References:

https://www.suse.com/security/cve/CVE-2017-8422.html
https://bugzilla.suse.com/1036244


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

AutorVlatka Misic
Cert idNCERT-REF-2017-05-0012-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostaci Live Patching servisa

Izdana je nadogradnja za Live Patching servis za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim lokalnim napadačima omogućuju stjecanje uvećanih ovlasti,...

Close