Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE: 2020:2732-1 Important: Calamares Security Patch

opensuse
Calendar Grey December 9, 2019
Dist Opensuse Esm H88
This enhancement introduces a crucial patch for Calamares in the openSUSE environment, reinforcing both the integrity and security measures of the system.
An update that solves one vulnerability and has one errata is now available.

Description

This update for calamares fixes the following issues:

- Launch with "pkexec calamares" in openSUSE Tumbleweed, but launch with

"xdg-su -c calamares" in openSUSE Leap 15.

Update to Calamares 3.2.15:

- "displaymanager" module now treats "sysconfig" as a regular entry in the

"displaymanagers" list, and the "sysconfigSetup" key is used as a

shorthand to force only that entry in the list.

- "machineid" module has been re-written in C++ and extended with a new

configuration key to generate urandom pool data.

- "unpackfs" now supports a special "sourcefs" value of file for copying

single files (optionally with renaming) or directory trees to the target

system.

- "unpackfs" now support an "exclude" and "excludeFile" setting for

excluding particular files or patters from unpacking.

Update to Calamares 3.2.14:

- "locale" module no longer recognizes the legacy GeoIP configuration.

This has been deprecated since Calamares...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate software update openSUSE calamares

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2019-2655=1

Package List

- openSUSE Backports SLE-15-SP1 (aarch64 x86_64):

calamares-3.2.15-bp151.4.3.1

calamares-webview-3.2.15-bp151.4.3.1

- openSUSE Backports SLE-15-SP1 (noarch):

calamares-branding-upstream-3.2.15-bp151.4.3.1

References

https://www.suse.com/security/cve/CVE-2019-13178.html

https://bugzilla.suse.com/1140256

https://bugzilla.suse.com/1152377

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2019:2655-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP1 le.

Topics%20covered

Topics Covered

security advisory moderate software update openSUSE calamares

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here