Lucene search
SuseOPENSUSE-SU-2019:1697-1HistoryJul 07, 2019 - 12:00 a.m.
Security update for gvfs (important)
2019-07-0700:00:00
lists.opensuse.org
248
EPSS
0.039
Percentile
92.0%
An update that solves four vulnerabilities and has one
errata is now available.
Description:
This update for gvfs fixes the following issues:
Security issues fixed:
- CVE-2019-12795: Fixed a vulnerability which could have allowed attacks
via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in
daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). - CVE-2019-12449: Fixed an improper handling of file’s user and group
ownership in daemon/gvfsbackendadmin.c (bsc#1136992). - CVE-2019-12448: Fixed race conditions in daemon/gvfsbackendadmin.c due
to implementation
of query_info_on_read/write at admin backend (bsc#1136981).
Other issue addressed:
- Drop polkit rules files that are only relevant for wheel group
(bsc#1125433).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2019-1697=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | i586 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.i586.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | noarch | < - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm |
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : gvfs (SUSE-SU-2019:1717-1)
2019-07-02 00:00:00
openSUSE Security Update : gvfs (openSUSE-2019-1699)
2019-07-08 00:00:00
RHEL 7 : gvfs (Unpatched Vulnerability)
2024-06-03 00:00:00
openvas
openvas
Fedora Update for gvfs FEDORA-2019-e6b02af8b8
2019-08-06 00:00:00
Ubuntu: Security Advisory (USN-4053-1)
2019-07-10 00:00:00
openSUSE: Security Advisory for gvfs (openSUSE-SU-2019:1697-1)
2020-01-09 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: gvfs-1.40.2-1.fc30
2019-07-22 01:04:19
[SECURITY] Fedora 29 Update: gvfs-1.38.3-1.fc29
2019-08-06 01:55:42
mageia
mageia
Updated gvfs packages fix security vulnerabilities
2019-07-21 21:17:27
ubuntu
ubuntu
GVfs vulnerabilities
2019-07-09 00:00:00
suse
suse
Security update for gvfs (important)
2019-07-07 00:00:00
rocky
rocky
GNOME security, bug fix, and enhancement update
2020-04-28 09:13:23
GNOME security, bug fix, and enhancement update
2019-11-05 17:59:21
osv
osv
Moderate: GNOME security, bug fix, and enhancement update
2020-04-28 09:13:23
Moderate: GNOME security, bug fix, and enhancement update
2020-04-28 09:13:23
gvfs - security update
2019-06-19 00:00:00
redhat
redhat
almalinux
almalinux
Moderate: GNOME security, bug fix, and enhancement update
2020-04-28 09:13:23
Low: GNOME security, bug fix, and enhancement update
2019-11-05 17:59:21
oraclelinux
oraclelinux
GNOME security, bug fix, and enhancement update
2020-05-05 00:00:00
GNOME security, bug fix, and enhancement update
2019-11-14 00:00:00
veracode
veracode
Authorization Bypass
2019-11-06 00:21:03
Privilege Escalation
2020-04-30 02:24:04
ubuntucve
ubuntucve
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2019-05-29 17:29:00
Authorization
2019-06-11 22:29:00
Design/Logic Flaw
2019-05-29 17:29:00
cve
cve
alpinelinux
alpinelinux
debiancve
debiancve
cvelist
cvelist
nvd
nvd
debian
debian
[SECURITY] [DLA 1827-1] gvfs security update
2019-06-19 21:49:36