Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2019-2628.NASLHistoryDec 04, 2019 - 12:00 a.m.
openSUSE Security Update : calamares (openSUSE-2019-2628)
2019-12-0400:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
8 High
AI Score
Confidence
High
This update for calamares fixes the following issues :
- Launch with ‘pkexec calamares’ in openSUSE Tumbleweed, but launch with ‘xdg-su -c calamares’ in openSUSE Leap 15.
Update to Calamares 3.2.15 :
-
‘displaymanager’ module now treats ‘sysconfig’ as a regular entry in the ‘displaymanagers’ list, and the ‘sysconfigSetup’ key is used as a shorthand to force only that entry in the list.
-
‘machineid’ module has been re-written in C++ and extended with a new configuration key to generate urandom pool data.
-
‘unpackfs’ now supports a special ‘sourcefs’ value of file for copying single files (optionally with renaming) or directory trees to the target system.
-
‘unpackfs’ now support an ‘exclude’ and ‘excludeFile’ setting for excluding particular files or patters from unpacking.
Update to Calamares 3.2.14 :
-
‘locale’ module no longer recognizes the legacy GeoIP configuration. This has been deprecated since Calamares 3.2.8 and is now removed.
-
‘packagechooser’ module can now be custom-labeled in the overall progress (left-hand column).
-
‘displaymanager’ module now recognizes KDE Plasma 5.17.
-
‘displaymanager’ module now can handle Wayland sessions and can detect sessions from their .desktop files.
-
‘unpackfs’ now has special handling for sourcefs setting “file”.
Update to Calamares 3.2.13.
More about upstream changes :
https://calamares.io/calamares-3.2.13-is-out/ and https://calamares.io/calamares-3.2.12-is-out/
Update to Calamares 3.2.11 :
-
Fix race condition in modules/luksbootkeyfile/main.py (boo#1140256, CVE-2019-13178)
-
more about upstream changes in 3.2 versions can be found in https://calamares.io/ and https://github.com/calamares/calamares/releases
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2019-2628.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('compat.inc');
if (description)
{
script_id(131689);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/05");
script_cve_id("CVE-2019-13178");
script_name(english:"openSUSE Security Update : calamares (openSUSE-2019-2628)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update for calamares fixes the following issues :
- Launch with 'pkexec calamares' in openSUSE Tumbleweed,
but launch with 'xdg-su -c calamares' in openSUSE Leap
15.
Update to Calamares 3.2.15 :
- 'displaymanager' module now treats 'sysconfig' as a
regular entry in the 'displaymanagers' list, and the
'sysconfigSetup' key is used as a shorthand to force
only that entry in the list.
- 'machineid' module has been re-written in C++ and
extended with a new configuration key to generate
urandom pool data.
- 'unpackfs' now supports a special 'sourcefs' value of
file for copying single files (optionally with renaming)
or directory trees to the target system.
- 'unpackfs' now support an 'exclude' and 'excludeFile'
setting for excluding particular files or patters from
unpacking.
Update to Calamares 3.2.14 :
- 'locale' module no longer recognizes the legacy GeoIP
configuration. This has been deprecated since Calamares
3.2.8 and is now removed.
- 'packagechooser' module can now be custom-labeled in the
overall progress (left-hand column).
- 'displaymanager' module now recognizes KDE Plasma 5.17.
- 'displaymanager' module now can handle Wayland sessions
and can detect sessions from their .desktop files.
- 'unpackfs' now has special handling for sourcefs setting
“file”.
Update to Calamares 3.2.13.
More about upstream changes :
https://calamares.io/calamares-3.2.13-is-out/ and
https://calamares.io/calamares-3.2.12-is-out/
Update to Calamares 3.2.11 :
- Fix race condition in modules/luksbootkeyfile/main.py
(boo#1140256, CVE-2019-13178)
- more about upstream changes in 3.2 versions can be found
in https://calamares.io/ and
https://github.com/calamares/calamares/releases");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1140256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1152377");
script_set_attribute(attribute:"see_also", value:"https://calamares.io/");
script_set_attribute(attribute:"see_also", value:"https://calamares.io/calamares-3.2.12-is-out/");
script_set_attribute(attribute:"see_also", value:"https://calamares.io/calamares-3.2.13-is-out/");
script_set_attribute(attribute:"see_also", value:"https://github.com/calamares/calamares/releases");
script_set_attribute(attribute:"solution", value:
"Update the affected calamares packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-13178");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/02");
script_set_attribute(attribute:"patch_publication_date", value:"2019/12/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calamares");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calamares-branding-upstream");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calamares-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calamares-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calamares-webview");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:calamares-webview-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE15.1", reference:"calamares-3.2.15-lp151.4.3.3") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"calamares-branding-upstream-3.2.15-lp151.4.3.3") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"calamares-debuginfo-3.2.15-lp151.4.3.3") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"calamares-debugsource-3.2.15-lp151.4.3.3") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"calamares-webview-3.2.15-lp151.4.3.3") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"calamares-webview-debuginfo-3.2.15-lp151.4.3.3") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "calamares / calamares-branding-upstream / calamares-debuginfo / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | calamares | p-cpe:/a:novell:opensuse:calamares |
| novell | opensuse | calamares-branding-upstream | p-cpe:/a:novell:opensuse:calamares-branding-upstream |
| novell | opensuse | calamares-debuginfo | p-cpe:/a:novell:opensuse:calamares-debuginfo |
| novell | opensuse | calamares-debugsource | p-cpe:/a:novell:opensuse:calamares-debugsource |
| novell | opensuse | calamares-webview | p-cpe:/a:novell:opensuse:calamares-webview |
| novell | opensuse | calamares-webview-debuginfo | p-cpe:/a:novell:opensuse:calamares-webview-debuginfo |
| novell | opensuse | 15.1 | cpe:/o:novell:opensuse:15.1 |
Related
debiancve
debiancve
CVE-2019-13178
2019-07-02 23:15:00
openvas
openvas
openSUSE: Security Advisory for calamares (openSUSE-SU-2019:2628-1)
2019-12-04 00:00:00
Fedora Update for calamares FEDORA-2019-e61a85c2bb
2019-08-14 00:00:00
Fedora Update for calamares FEDORA-2019-50ee491d76
2019-08-14 00:00:00
prion
prion
Race condition
2019-07-02 23:15:00
suse
suse
Security update for calamares (moderate)
2019-12-04 00:00:00
Security update for calamares (moderate)
2019-12-09 00:00:00
Security update for calamares (moderate)
2019-12-09 00:00:00
osv
osv
CVE-2019-13178
2019-07-02 23:15:09
ubuntucve
ubuntucve
CVE-2019-13178
2019-07-02 00:00:00
cve
cve
CVE-2019-13178
2019-07-02 23:15:00
fedora
fedora
[SECURITY] Fedora 30 Update: calamares-3.2.11-1.fc30
2019-08-13 01:02:16
[SECURITY] Fedora 29 Update: calamares-3.2.11-1.fc29
2019-08-13 01:59:37