CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user. (bsc#1150011)
Affected Packages
ibus
SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP2-BCL
Fixed in:
1.5.13-15.11.2
ibus-gtk
SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP2-BCL
Fixed in:
1.5.13-15.11.2
ibus-gtk3
SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP2-BCL
Fixed in:
1.5.13-15.11.2
ibus-lang
SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP2-BCL
Fixed in:
1.5.13-15.11.2
libibus-1_0-5
SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP2-BCL
Fixed in:
1.5.13-15.11.2
typelib-1_0-IBus-1_0
SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP2-BCL
Fixed in:
1.5.13-15.11.2
ibus-gtk3-32bit
SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5
Fixed in:
1.5.13-15.11.2
libibus-1_0-5-32bit
SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5
Fixed in:
1.5.13-15.11.2
python-ibus
SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5
Fixed in:
1.5.13-15.11.2
ibus-devel
SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Linux Enterprise Software Development Kit 12 SP5