Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

openSUSE Leap 15.x: 2020:2262-1 Moderate Audacity Security Issue

opensuse
Calendar Grey December 15, 2020
Dist Opensuse Esm H88
Delve into the latest openSUSE security patch for Audacity, designed to rectify file access vulnerabilities while enhancing overall system protection.
An update that fixes one vulnerability is now available

Description

This update for audacity fixes the following issues:

- CVE-2020-11867: Avoid saving temporary files to /var/tmp/audacity-$USER

by default, which permissions are set to 755. (bsc#1179449)

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-2261=1

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-2261=1

- openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2020-2261=1

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-2261=1

Package List

- openSUSE Leap 15.2 (noarch):

audacity-lang-2.2.2-lp152.4.3.1

- openSUSE Leap 15.2 (x86_64):

audacity-2.2.2-lp152.4.3.1

audacity-debuginfo-2.2.2-lp152.4.3.1

audacity-debugsource-2.2.2-lp152.4.3.1

- openSUSE Leap 15.1 (noarch):

audacity-lang-2.2.2-lp151.3.3.1

- openSUSE Leap 15.1 (x86_64):

audacity-2.2.2-lp151.3.3.1

audacity-debuginfo-2.2.2-lp151.3.3.1

audacity-debugsource-2.2.2-lp151.3.3.1

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

audacity-2.2.2-bp152.4.3.1

audacity-debuginfo-2.2.2-bp152.4.3.1

audacity-debugsource-2.2.2-bp152.4.3.1

- openSUSE Backports SLE-15-SP2 (noarch):

audacity-lang-2.2.2-bp152.4.3.1

- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

audacity-2.2.2-bp151.4.3.1

- openSUSE Backports SLE-15-SP1 (noarch):

audacity-lang-2.2.2-bp151.4.3.1

References

https://www.suse.com/security/cve/CVE-2020-11867.html

https://bugzilla.suse.com/1179449

openSUSE Security Announce mailing list -- security-announce@lists.opensuse.org

To unsubscribe, email security-announce-leave@lists.opensuse.org

List Netiquette:

List Archives:

Announcement ID: openSUSE-SU-2020:2261-1
Rating: moderate
Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here