SuseOPENSUSE-SU-2019:2628-1Security update for calamares (moderate)
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for calamares fixes the following issues:
- Launch with βpkexec calamaresβ in openSUSE Tumbleweed, but launch with
βxdg-su -c calamaresβ in openSUSE Leap 15.
Update to Calamares 3.2.15:
- βdisplaymanagerβ module now treats βsysconfigβ as a regular entry in the
βdisplaymanagersβ list, and the βsysconfigSetupβ key is used as a
shorthand to force only that entry in the list. - βmachineidβ module has been re-written in C++ and extended with a new
configuration key to generate urandom pool data. - βunpackfsβ now supports a special βsourcefsβ value of file for copying
single files (optionally with renaming) or directory trees to the target
system. - βunpackfsβ now support an βexcludeβ and βexcludeFileβ setting for
excluding particular files or patters from unpacking.
Update to Calamares 3.2.14:
- βlocaleβ module no longer recognizes the legacy GeoIP configuration.
This has been deprecated since Calamares 3.2.8 and is now removed. - βpackagechooserβ module can now be custom-labeled in the overall
progress (left-hand column). - βdisplaymanagerβ module now recognizes KDE Plasma 5.17.
- βdisplaymanagerβ module now can handle Wayland sessions and can detect
sessions from their .desktop files. - βunpackfsβ now has special handling for sourcefs setting βfileβ.
Update to Calamares 3.2.13.
More about upstream changes:
https://calamares.io/calamares-3.2.13-is-out/ and
https://calamares.io/calamares-3.2.12-is-out/
Update to Calamares 3.2.11:
- Fix race condition in modules/luksbootkeyfile/main.py (boo#1140256,
CVE-2019-13178) - more about upstream changes in 3.2 versions can be found in
https://calamares.io/ and https://github.com/calamares/calamares/releases
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or βzypper patchβ.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2019-2628=1
-
openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-2628=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | x86_64 | <Β - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | noarch | <Β - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm | |
| openSUSE Leap | 15.0 | x86_64 | <Β - openSUSE Leap 15.0 (x86_64): | - openSUSE Leap 15.0 (x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.0 | noarch | <Β - openSUSE Leap 15.0 (noarch): | - openSUSE Leap 15.0 (noarch):.noarch.rpm |
Related
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P