openSUSE: 2019:2654-1 Moderate Security Fix for Calamares Update
opensuse
December 9, 2019
An update that solves one vulnerability and has one errata is now available.
Description
This update for calamares fixes the following issues:
- Launch with "pkexec calamares" in openSUSE Tumbleweed, but launch with
"xdg-su -c calamares" in openSUSE Leap 15.
Update to Calamares 3.2.15:
- "displaymanager" module now treats "sysconfig" as a regular entry in the
"displaymanagers" list, and the "sysconfigSetup" key is used as a
shorthand to force only that entry in the list.
- "machineid" module has been re-written in C++ and extended with a new
configuration key to generate urandom pool data.
- "unpackfs" now supports a special "sourcefs" value of file for copying
single files (optionally with renaming) or directory trees to the target
system.
- "unpackfs" now support an "exclude" and "excludeFile" setting for
excluding particular files or patters from unpacking.
Update to Calamares 3.2.14:
- "locale" module no longer recognizes the legacy GeoIP configuration.
This has been deprecated since Calamares...
Read the Full Advisory
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15:
zypper in -t patch openSUSE-2019-2654=1
Package List
- openSUSE Backports SLE-15 (noarch):
calamares-branding-upstream-3.2.15-bp150.2.6.1
- openSUSE Backports SLE-15 (x86_64):
calamares-3.2.15-bp150.2.6.1
calamares-webview-3.2.15-bp150.2.6.1
References
https://www.suse.com/security/cve/CVE-2019-13178.html
https://bugzilla.suse.com/1140256
https://bugzilla.suse.com/1152377
--
PREVIOUS 
NEXT Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!