Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

SUSE: 2011:1324-1 Critical: Shell Injection And XSS Issues In Studio

suse
Calendar Grey December 15, 2011
Dist Suse Esm H88
Important SUSE Security Patch for Studio Onsite 1.2 and kiwi resolves critical vulnerabilities. Ensure your system is updated immediately.
An update that solves 6 vulnerabilities and has 9 fixes is An update that solves 6 vulnerabilities and has 9 fixes is An update that solves 6 vulnerabilities and has 9 fixes is now...

Summary

   SUSE Security Update: Security update for SUSE Studio Onsite 1.2 and kiwi
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:1324-1
Rating:             critical
References:         #705694 #707637 #709572 #710392 #710403 #714755 
                    #716992 #725445 #725466 #725706 #728934 #729204 
                    #729273 #729315 #729675 
Cross-References:   CVE-2011-2225 CVE-2011-2226 CVE-2011-3180
                    CVE-2011-4192 CVE-2011-4193 CVE-2011-4195
                   
Affected Products:
                    SUSE Studio Onsite 1.2
                    SUSE Studio Extension for System z 1.2
______________________________________________________________________________

   An update that solves 6 vulnerabilities and has 9 fixes is
   now available. It includes two new package versions.

Description:


   Fix for several vulnerabilities in SUSE Studio Onsite 1.2
   and kiwi:

   * CVE-2011-2225: The path of overlay files was not
   escaped which allowed shell meta character injection.
   * CVE-2011-2226: By using an untrusted software
   repository a user becomes vulnerable to a XSS attack when
   displaying pattern files (clicking "All patterns" in the
   software tab).
   * CVE-2011-3180: The path of overlay files was not
   escaped which allowed shell meta character injection via
   the chown(1) command-line. (kiwi)
   * CVE-2011-4195: The image name was not escaped
   properly and can be used in conjunction with other
   applications to execute arbitrary shell commands. (kiwi)
   * CVE-2011-4193: XSS vulnerability in "overlay files"
   tab can be used to execute arbitrary JavaScript code while
   cloning an appliance from an untrusted source.
   * CVE-2011-4192: Arbitrary shell command injection in
   conjunction with Studio by using double quotes in
   kiwi_oemtitle of .profile. (kiwi)

   In addition, the following non-security fixes were added:

   * Added SLE SDK repos to SLES-for-VMware templates
   * do not overwrite rmds.conf

   Security Issue references:

   * CVE-2011-2225
   
   * CVE-2011-2226
   
   * CVE-2011-3180
   
   * CVE-2011-4195
   
   * CVE-2011-4193
   
   * CVE-2011-4192
   

Indications:

   Please update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Studio Onsite 1.2:

      zypper in -t patch slestso12-susestudio-201112-5535

   - SUSE Studio Extension for System z 1.2:

      zypper in -t patch slestso12-susestudio-201112-5535

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Studio Onsite 1.2 (x86_64) [New Version: 1.2.1 and 4.85.1]:

      kiwi4-4.85.1-0.22.9
      kiwi4-desc-isoboot-4.85.1-0.22.9
      kiwi4-desc-netboot-4.85.1-0.22.9
      kiwi4-desc-oemboot-4.85.1-0.22.9
      kiwi4-desc-vmxboot-4.85.1-0.22.9
      kiwi4-doc-4.85.1-0.22.9
      kiwi4-tools-4.85.1-0.22.9
      susestudio-1.2.1-0.26.1
      susestudio-clicfs-1.2.1-0.26.1
      susestudio-common-1.2.1-0.26.1
      susestudio-image-helpers-1.2.1-0.3.3
      susestudio-parted-1.2.1-0.26.1
      susestudio-rmds-1.2.1-0.26.1
      susestudio-runner-1.2.1-0.26.1
      susestudio-squashfs-1.2.1-0.26.1
      susestudio-thoth-1.2.1-0.26.1
      susestudio-ui-server-1.2.1-0.26.1

   - SUSE Studio Extension for System z 1.2 (s390x) [New Version: 1.2.1 and 4.85.1]:

      kiwi4-4.85.1-0.22.9
      kiwi4-desc-oemboot-4.85.1-0.22.9
      kiwi4-desc-vmxboot-4.85.1-0.22.9
      kiwi4-tools-4.85.1-0.22.9
      susestudio-1.2.1-0.26.1
      susestudio-common-1.2.1-0.26.1
      susestudio-image-helpers-1.2.1-0.3.3
      susestudio-runner-1.2.1-0.26.1
      susestudio-ui-server-1.2.1-0.26.1


References:

   https://www.suse.com/security/cve/CVE-2011-2225.html
   https://www.suse.com/security/cve/CVE-2011-2226.html
   https://www.suse.com/security/cve/CVE-2011-3180.html
   https://www.suse.com/security/cve/CVE-2011-4192.html
   https://www.suse.com/security/cve/CVE-2011-4193.html
   https://www.suse.com/security/cve/CVE-2011-4195.html
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0
   https://login.microfocus.com/nidp/app/login?sid=0

Topics%20covered

Topics Covered

security advisory critical issue software update XSS shell injection SUSE Studio

References

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical issue software update XSS shell injection SUSE Studio

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here