Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE 11 SP3: SUSE-SU-2014:0847-1 Important Rights Assignment Fix

suse
Calendar Grey June 26, 2014
Dist Suse Esm H88
Critical SUSE Security Patch for novell-qtgui and novell-ui-core addresses incorrect permissions settings. Update immediately.
An update that fixes one vulnerability is now available

Summary

Packages novell-ui-base and novell-qtgui were updated to prevent erroneous rights assignment when a user is granted 'File Scan' rights (F). In this case nwrights was assigning Supervisor (S) rights. (CVE-2014-0595) Further information is available at https://login.microfocus.com/nidp/app/login?sid=0 . Security Issue reference: * CVE-2014-0595 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-novell-ui-201405-9276 To bring your system up-to-date, use "zypper patch". Package List:

Topics%20covered

Topics Covered

security advisory update patch important SUSE Linux Enterprise Desktop rights issue novell-ui

References

#872796

Cross- CVE-2014-0595

Affected Products:

SUSE Linux Enterprise Desktop 11 SP3

https://www.suse.com/security/cve/CVE-2014-0595.html

https://login.microfocus.com/nidp/app/login?sid=0

https://scc.suse.com:443/patches/

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2014:0847-1
Rating: important

Topics%20covered

Topics Covered

security advisory update patch important SUSE Linux Enterprise Desktop rights issue novell-ui

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here