Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: 2020:1528-1 Moderate: osc Network Path Validation Fix

suse
Calendar Grey June 3, 2020
Dist Suse Esm H88
SUSE Security Patch for osc; addresses a moderate vulnerability stemming from inadequate verification of paths managed via network.
An update that fixes one vulnerability is now available

Summary

This update for osc fixes the following issues: Security issue fixed: - CVE-2019-3681: Fixed an insufficient validation of network-controlled filesystem paths (bsc#1122675). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1528=1 - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1528=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch): osc-0.162.1-15.9.1 - SUSE Linux Enterprise Software Development Kit 12-SP4 (noarch): osc-0.162.1-15.9.1

References

#1122675

Cross- CVE-2019-3681

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP4

https://www.suse.com/security/cve/CVE-2019-3681.html

https://bugzilla.suse.com/1122675

Announcement ID: SUSE-SU-2020:1528-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here