26 matches found
GNOME security, bug fix, and enhancement update
accountsservice 0.6.55-2 - Add support for user templates so user can specify default session Resolves: 1812788 gdm 40.0-14 - Fix XDMCP Resolves: 2004170 - Fix crash at shutdown Related: 2004170 40.0-13 - Disable Wayland on HyperV - Fix Xorg fallback Related: 1998989 40.0-12 - Redisable on server...
gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix)
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...
RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm 40.0, webkit2gtk3 2.32.3. BZ1909300 Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558...
SUSE: Security Advisory (SUSE-SU-2021:0687-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gnome-autoar (openSUSE-SU-2021:0390-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for gnome-screenshot (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for yelp-tools (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for eog (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for tracker3 (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for gnome-shell-extension-background-logo (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for gnome-shell (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for evolution (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for gnome-user-docs (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Directory traversal
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...
CVE-2021-28650
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...
openSUSE Security Update : gnome-autoar (openSUSE-2021-390)
This update for gnome-autoar fixes the following issues : - CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal bsc1181930. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network...
OPENSUSE-SU-2021:0390-1 Security update for gnome-autoar
This update for gnome-autoar fixes the following issues: - CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal bsc1181930. This update was imported from the SUSE:SLE-15:Update update project...
Security update for gnome-autoar (moderate)
openSUSE Security Update: Security update for gnome-autoar Announcement ID: openSUSE-SU-2021:0390-1 Rating: moderate References: 1181930 Cross-References: CVE-2020-36241 CVSS scores: CVE-2020-36241 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-36241 SUSE: 3.9...
Updated gnome-autoar packages fix security vulnerability
Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution CVE-2020-36241...
SUSE SLED15 / SLES15 Security Update : gnome-autoar (SUSE-SU-2021:0687-1)
This update for gnome-autoar fixes the following issues : CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal bsc1181930. Note that Tenable Network Security has extracted the preceding description block directly fr...