SUSE-SU-2019:1591-1

UNKNOWN

Security update for dbus-1

Published Jun 21, 2019

Modified 6 years ago

Fix available

Details

This update for dbus-1 fixes the following issue:

Security issue fixed:

CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication (bsc#1137832).

Affected Packages

dbus-1

SUSE Enterprise Storage 4SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12-LTSS

Fixed in:

1.8.22-24.19.1

dbus-1-x11

SUSE Enterprise Storage 4SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12-LTSS

Fixed in:

1.8.22-24.19.1

libdbus-1-3

SUSE Enterprise Storage 4SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12-LTSS

Fixed in:

1.8.22-24.19.1

libdbus-1-3-32bit

SUSE Enterprise Storage 4SUSE Linux Enterprise Server 12 SP1-LTSSSUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12-LTSS

Fixed in:

1.8.22-24.19.1

References

REPORT

https://bugzilla.suse.com/1137832

WEB

https://www.suse.com/security/cve/CVE-2019-12749

ADVISORY

https://www.suse.com/support/update/announcement/2019/suse-su-20191591-1/

Upstream

CVE-2019-12749

Ecosystems(8)

SUSE Enterprise Storage 4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12-LTSS

Timeline

PublishedJun 21, 2019

ModifiedJun 21, 2019

SUSE-SU-2019:1591-1 | Mondoo Vulnerability Intelligence