Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
98
security advisoryRed Hatbug fixRed Hat 7: RHSA-2020:3978-01 Moderate: glib2 and ibus Access Issues
An update for glib2 and ibus is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: glib2 and ibus security and bug fix update Advisory ID: RHSA-2020:3978-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3978 Issue date: 2020-09-29 CVE Names: CVE-2019-12450 CVE-2019-14822 ==================================================================== 1. Summary: An update for glib2 and ibus is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus (IBus) is an input method frameworkfor multilingual input in Unix-like operating systems. Security Fix(es): * glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress (CVE-2019-12450) * ibus: missing authorization allows local attacker to access the input bus of another user (CVE-2019-14822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1717958 - CVE-2019-14822 ibus: missing authorization allows local attacker to access the input bus of another user 1719141 - CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress 1777221 - IBUS input methods don't work in QT5-based applications 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: glib2-2.56.1-7.el7.src.rpm ibus-1.5.17-11.el7.src.rpm noarch: ibus-setup-1.5.17-11.el7.noarch.rpm x86_64: glib2-2.56.1-7.el7.i686.rpm glib2-2.56.1-7.el7.x86_64.rpm glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm ibus-1.5.17-11.el7.i686.rpm ibus-1.5.17-11.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-gtk2-1.5.17-11.el7.i686.rpm ibus-gtk2-1.5.17-11.el7.x86_64.rpm ibus-gtk3-1.5.17-11.el7.i686.rpm ibus-gtk3-1.5.17-11.el7.x86_64.rpm ibus-libs-1.5.17-11.el7.i686.rpm ibus-libs-1.5.17-11.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v.7): noarch: glib2-doc-2.56.1-7.el7.noarch.rpm ibus-devel-docs-1.5.17-11.el7.noarch.rpm ibus-pygtk2-1.5.17-11.el7.noarch.rpm x86_64: glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm glib2-devel-2.56.1-7.el7.i686.rpm glib2-devel-2.56.1-7.el7.x86_64.rpm glib2-fam-2.56.1-7.el7.x86_64.rpm glib2-static-2.56.1-7.el7.i686.rpm glib2-static-2.56.1-7.el7.x86_64.rpm glib2-tests-2.56.1-7.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-devel-1.5.17-11.el7.i686.rpm ibus-devel-1.5.17-11.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: glib2-2.56.1-7.el7.src.rpm x86_64: glib2-2.56.1-7.el7.i686.rpm glib2-2.56.1-7.el7.x86_64.rpm glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: ibus-1.5.17-11.el7.src.rpm noarch: glib2-doc-2.56.1-7.el7.noarch.rpm ibus-devel-docs-1.5.17-11.el7.noarch.rpm ibus-pygtk2-1.5.17-11.el7.noarch.rpm ibus-setup-1.5.17-11.el7.noarch.rpm x86_64: glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm glib2-devel-2.56.1-7.el7.i686.rpm glib2-devel-2.56.1-7.el7.x86_64.rpm glib2-fam-2.56.1-7.el7.x86_64.rpm glib2-static-2.56.1-7.el7.i686.rpm glib2-static-2.56.1-7.el7.x86_64.rpm glib2-tests-2.56.1-7.el7.x86_64.rpm ibus-1.5.17-11.el7.i686.rpm ibus-1.5.17-11.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-devel-1.5.17-11.el7.i686.rpm ibus-devel-1.5.17-11.el7.x86_64.rpm ibus-gtk2-1.5.17-11.el7.i686.rpm ibus-gtk2-1.5.17-11.el7.x86_64.rpm ibus-gtk3-1.5.17-11.el7.i686.rpm ibus-gtk3-1.5.17-11.el7.x86_64.rpm ibus-libs-1.5.17-11.el7.i686.rpm ibus-libs-1.5.17-11.el7.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: glib2-2.56.1-7.el7.src.rpm ibus-1.5.17-11.el7.src.rpm noarch: ibus-setup-1.5.17-11.el7.noarch.rpm ppc64: glib2-2.56.1-7.el7.ppc.rpm glib2-2.56.1-7.el7.ppc64.rpm glib2-debuginfo-2.56.1-7.el7.ppc.rpm glib2-debuginfo-2.56.1-7.el7.ppc64.rpm glib2-devel-2.56.1-7.el7.ppc.rpm glib2-devel-2.56.1-7.el7.ppc64.rpm ibus-1.5.17-11.el7.ppc.rpm ibus-1.5.17-11.el7.ppc64.rpm ibus-debuginfo-1.5.17-11.el7.ppc.rpm ibus-debuginfo-1.5.17-11.el7.ppc64.rpm ibus-gtk2-1.5.17-11.el7.ppc.rpm ibus-gtk2-1.5.17-11.el7.ppc64.rpm ibus-gtk3-1.5.17-11.el7.ppc.rpm ibus-gtk3-1.5.17-11.el7.ppc64.rpm ibus-libs-1.5.17-11.el7.ppc.rpm ibus-libs-1.5.17-11.el7.ppc64.rpm ppc64le: glib2-2.56.1-7.el7.ppc64le.rpm glib2-debuginfo-2.56.1-7.el7.ppc64le.rpm glib2-devel-2.56.1-7.el7.ppc64le.rpm ibus-1.5.17-11.el7.ppc64le.rpm ibus-debuginfo-1.5.17-11.el7.ppc64le.rpm ibus-gtk2-1.5.17-11.el7.ppc64le.rpm ibus-gtk3-1.5.17-11.el7.ppc64le.rpm ibus-libs-1.5.17-11.el7.ppc64le.rpm s390x: glib2-2.56.1-7.el7.s390.rpm glib2-2.56.1-7.el7.s390x.rpm glib2-debuginfo-2.56.1-7.el7.s390.rpm glib2-debuginfo-2.56.1-7.el7.s390x.rpm glib2-devel-2.56.1-7.el7.s390.rpm glib2-devel-2.56.1-7.el7.s390x.rpm ibus-1.5.17-11.el7.s390.rpm ibus-1.5.17-11.el7.s390x.rpm ibus-debuginfo-1.5.17-11.el7.s390.rpm ibus-debuginfo-1.5.17-11.el7.s390x.rpm ibus-gtk2-1.5.17-11.el7.s390.rpm ibus-gtk2-1.5.17-11.el7.s390x.rpm ibus-gtk3-1.5.17-11.el7.s390.rpm ibus-gtk3-1.5.17-11.el7.s390x.rpm ibus-libs-1.5.17-11.el7.s390.rpm ibus-libs-1.5.17-11.el7.s390x.rpm x86_64: glib2-2.56.1-7.el7.i686.rpm glib2-2.56.1-7.el7.x86_64.rpm glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm glib2-devel-2.56.1-7.el7.i686.rpm glib2-devel-2.56.1-7.el7.x86_64.rpm ibus-1.5.17-11.el7.i686.rpm ibus-1.5.17-11.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-gtk2-1.5.17-11.el7.i686.rpm ibus-gtk2-1.5.17-11.el7.x86_64.rpm ibus-gtk3-1.5.17-11.el7.i686.rpm ibus-gtk3-1.5.17-11.el7.x86_64.rpm ibus-libs-1.5.17-11.el7.i686.rpm ibus-libs-1.5.17-11.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: glib2-doc-2.56.1-7.el7.noarch.rpm ibus-devel-docs-1.5.17-11.el7.noarch.rpm ibus-pygtk2-1.5.17-11.el7.noarch.rpm ppc64: glib2-debuginfo-2.56.1-7.el7.ppc.rpm glib2-debuginfo-2.56.1-7.el7.ppc64.rpm glib2-fam-2.56.1-7.el7.ppc64.rpm glib2-static-2.56.1-7.el7.ppc.rpm glib2-static-2.56.1-7.el7.ppc64.rpm glib2-tests-2.56.1-7.el7.ppc64.rpm ibus-debuginfo-1.5.17-11.el7.ppc.rpm ibus-debuginfo-1.5.17-11.el7.ppc64.rpm ibus-devel-1.5.17-11.el7.ppc.rpm ibus-devel-1.5.17-11.el7.ppc64.rpm ppc64le: glib2-debuginfo-2.56.1-7.el7.ppc64le.rpm glib2-fam-2.56.1-7.el7.ppc64le.rpm glib2-static-2.56.1-7.el7.ppc64le.rpm glib2-tests-2.56.1-7.el7.ppc64le.rpm ibus-debuginfo-1.5.17-11.el7.ppc64le.rpm ibus-devel-1.5.17-11.el7.ppc64le.rpm s390x: glib2-debuginfo-2.56.1-7.el7.s390.rpm glib2-debuginfo-2.56.1-7.el7.s390x.rpm glib2-fam-2.56.1-7.el7.s390x.rpm glib2-static-2.56.1-7.el7.s390.rpm glib2-static-2.56.1-7.el7.s390x.rpm glib2-tests-2.56.1-7.el7.s390x.rpm ibus-debuginfo-1.5.17-11.el7.s390.rpm ibus-debuginfo-1.5.17-11.el7.s390x.rpm ibus-devel-1.5.17-11.el7.s390.rpm ibus-devel-1.5.17-11.el7.s390x.rpm x86_64: glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm glib2-fam-2.56.1-7.el7.x86_64.rpm glib2-static-2.56.1-7.el7.i686.rpm glib2-static-2.56.1-7.el7.x86_64.rpm glib2-tests-2.56.1-7.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-devel-1.5.17-11.el7.i686.rpm ibus-devel-1.5.17-11.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v.7): Source: glib2-2.56.1-7.el7.src.rpm ibus-1.5.17-11.el7.src.rpm noarch: ibus-setup-1.5.17-11.el7.noarch.rpm x86_64: glib2-2.56.1-7.el7.i686.rpm glib2-2.56.1-7.el7.x86_64.rpm glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm glib2-devel-2.56.1-7.el7.i686.rpm glib2-devel-2.56.1-7.el7.x86_64.rpm ibus-1.5.17-11.el7.i686.rpm ibus-1.5.17-11.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-gtk2-1.5.17-11.el7.i686.rpm ibus-gtk2-1.5.17-11.el7.x86_64.rpm ibus-gtk3-1.5.17-11.el7.i686.rpm ibus-gtk3-1.5.17-11.el7.x86_64.rpm ibus-libs-1.5.17-11.el7.i686.rpm ibus-libs-1.5.17-11.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: glib2-doc-2.56.1-7.el7.noarch.rpm ibus-devel-docs-1.5.17-11.el7.noarch.rpm ibus-pygtk2-1.5.17-11.el7.noarch.rpm x86_64: glib2-debuginfo-2.56.1-7.el7.i686.rpm glib2-debuginfo-2.56.1-7.el7.x86_64.rpm glib2-fam-2.56.1-7.el7.x86_64.rpm glib2-static-2.56.1-7.el7.i686.rpm glib2-static-2.56.1-7.el7.x86_64.rpm glib2-tests-2.56.1-7.el7.x86_64.rpm ibus-debuginfo-1.5.17-11.el7.i686.rpm ibus-debuginfo-1.5.17-11.el7.x86_64.rpm ibus-devel-1.5.17-11.el7.i686.rpm ibus-devel-1.5.17-11.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-12450 https://access.redhat.com/security/cve/CVE-2019-14822 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBX3OjWtzjgjWX9erEAQiOZA/7BZzcl1v/sSYMlDoh+hjiiZVbG1zgsHap zvvLLCGXnLfcGz/juCvCGmm5726bfAK1cv84sOSfVtZSLsW2mFfUv+ldr4ROMizh O45gD1tJZrLkmMoGXNY/34gXBurEDvXqNyLcU0NYPZ8gfUS51nq0rM9X2j7uCJ0p 52J7wp/HuiWG14D6WPG8kFPuIN0Xqn50IK0xFh56X62lE/MCQlfmRPLByXETY256 UZp2VVEDsWVynZoSIwFQxtaHO7HeXAXzJAvaMhdhTFDKt+dxXroha1jT7QiaBqs6 /FJ8fTlUIZ8Cs7O8vzDly32lTOQFi1fcUQeKE75AhUoc5h/to3PBsrvTKnzu264j ePx8/QfplUgaelmHQ9aBc/8sgJdBUTIv16EBKLAnwMQDnxTgWXR9CrpUI+/u9Jt+ RQmpqaGC9cxJK2PEVkzB08LMIMznvcX/wa3JXVrg8fau5Z1Dkd8ybqRszY265K+P ajoMTV0fljUKwEu17SjA1ZwKAabxZ5llieoxDMJY3OMMMPs/PYaNSpfbS4XafPFF iOfhSFvLYORRLeS+/K59BuVid0Wo9YqoLN+PzJsDXrYebjb64simo518NfYvRiGw KeXBBXo5B4SkQulB9Z2nAaOIBZ2Odh5Q9cQjiNOagej/ZXHAoQO7AiVpm00KJc0t R5JpPMyDh90=/RCK -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 29, 2020
Red Hat
98
security advisorymoderateRed HatRed Hat 8: RHSA-2020:1880-01 Moderate: IBus Security Access Issue
An update for glib2 and ibus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: ibus and glib2 security and bug fix update Advisory ID: RHSA-2020:1880-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1880 Issue date: 2020-04-28 CVE Names: CVE-2019-14822 ==================================================================== 1. Summary: An update for glib2 and ibus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus (IBus) is an input method framework for multilingual input in Unix-like operating systems. Security Fix(es): * ibus: missing authorization allows local attacker to access the input bus of another user (CVE-2019-14822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to theCVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1717958 - CVE-2019-14822 ibus: missing authorization allows local attacker to access the input bus of another user 1777213 - IBUS input methods don't work in QT5-based applications 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: ibus-1.5.19-11.el8.src.rpm aarch64: ibus-1.5.19-11.el8.aarch64.rpm ibus-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-debugsource-1.5.19-11.el8.aarch64.rpm ibus-gtk2-1.5.19-11.el8.aarch64.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-gtk3-1.5.19-11.el8.aarch64.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-libs-1.5.19-11.el8.aarch64.rpm ibus-libs-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-tests-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-wayland-1.5.19-11.el8.aarch64.rpm ibus-wayland-debuginfo-1.5.19-11.el8.aarch64.rpm noarch: ibus-setup-1.5.19-11.el8.noarch.rpm ppc64le: ibus-1.5.19-11.el8.ppc64le.rpm ibus-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-debugsource-1.5.19-11.el8.ppc64le.rpm ibus-gtk2-1.5.19-11.el8.ppc64le.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-gtk3-1.5.19-11.el8.ppc64le.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-libs-1.5.19-11.el8.ppc64le.rpm ibus-libs-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-tests-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-wayland-1.5.19-11.el8.ppc64le.rpm ibus-wayland-debuginfo-1.5.19-11.el8.ppc64le.rpm s390x: ibus-1.5.19-11.el8.s390x.rpm ibus-debuginfo-1.5.19-11.el8.s390x.rpm ibus-debugsource-1.5.19-11.el8.s390x.rpm ibus-gtk2-1.5.19-11.el8.s390x.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.s390x.rpm ibus-gtk3-1.5.19-11.el8.s390x.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.s390x.rpm ibus-libs-1.5.19-11.el8.s390x.rpm ibus-libs-debuginfo-1.5.19-11.el8.s390x.rpm ibus-tests-debuginfo-1.5.19-11.el8.s390x.rpm ibus-wayland-1.5.19-11.el8.s390x.rpm ibus-wayland-debuginfo-1.5.19-11.el8.s390x.rpm x86_64: ibus-1.5.19-11.el8.x86_64.rpm ibus-debuginfo-1.5.19-11.el8.i686.rpm ibus-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-debugsource-1.5.19-11.el8.i686.rpm ibus-debugsource-1.5.19-11.el8.x86_64.rpm ibus-gtk2-1.5.19-11.el8.i686.rpm ibus-gtk2-1.5.19-11.el8.x86_64.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.i686.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-gtk3-1.5.19-11.el8.x86_64.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.i686.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-libs-1.5.19-11.el8.i686.rpm ibus-libs-1.5.19-11.el8.x86_64.rpm ibus-libs-debuginfo-1.5.19-11.el8.i686.rpm ibus-libs-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-tests-debuginfo-1.5.19-11.el8.i686.rpm ibus-tests-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-wayland-1.5.19-11.el8.x86_64.rpm ibus-wayland-debuginfo-1.5.19-11.el8.i686.rpm ibus-wayland-debuginfo-1.5.19-11.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.8): Source: glib2-2.56.4-8.el8.src.rpm aarch64: glib2-2.56.4-8.el8.aarch64.rpm glib2-debuginfo-2.56.4-8.el8.aarch64.rpm glib2-debugsource-2.56.4-8.el8.aarch64.rpm glib2-devel-2.56.4-8.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-8.el8.aarch64.rpm glib2-fam-2.56.4-8.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-8.el8.aarch64.rpm glib2-tests-2.56.4-8.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-8.el8.aarch64.rpm ppc64le: glib2-2.56.4-8.el8.ppc64le.rpm glib2-debuginfo-2.56.4-8.el8.ppc64le.rpm glib2-debugsource-2.56.4-8.el8.ppc64le.rpm glib2-devel-2.56.4-8.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-8.el8.ppc64le.rpm glib2-fam-2.56.4-8.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-8.el8.ppc64le.rpm glib2-tests-2.56.4-8.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-8.el8.ppc64le.rpm s390x: glib2-2.56.4-8.el8.s390x.rpm glib2-debuginfo-2.56.4-8.el8.s390x.rpm glib2-debugsource-2.56.4-8.el8.s390x.rpm glib2-devel-2.56.4-8.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-8.el8.s390x.rpm glib2-fam-2.56.4-8.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-8.el8.s390x.rpm glib2-tests-2.56.4-8.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-8.el8.s390x.rpm x86_64: glib2-2.56.4-8.el8.i686.rpm glib2-2.56.4-8.el8.x86_64.rpm glib2-debuginfo-2.56.4-8.el8.i686.rpm glib2-debuginfo-2.56.4-8.el8.x86_64.rpm glib2-debugsource-2.56.4-8.el8.i686.rpm glib2-debugsource-2.56.4-8.el8.x86_64.rpm glib2-devel-2.56.4-8.el8.i686.rpm glib2-devel-2.56.4-8.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-8.el8.i686.rpm glib2-devel-debuginfo-2.56.4-8.el8.x86_64.rpm glib2-fam-2.56.4-8.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-8.el8.i686.rpm glib2-fam-debuginfo-2.56.4-8.el8.x86_64.rpm glib2-tests-2.56.4-8.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-8.el8.i686.rpm glib2-tests-debuginfo-2.56.4-8.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v.8): aarch64: glib2-debuginfo-2.56.4-8.el8.aarch64.rpm glib2-debugsource-2.56.4-8.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-8.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-8.el8.aarch64.rpm glib2-static-2.56.4-8.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-8.el8.aarch64.rpm ibus-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-debugsource-1.5.19-11.el8.aarch64.rpm ibus-devel-1.5.19-11.el8.aarch64.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-libs-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-tests-debuginfo-1.5.19-11.el8.aarch64.rpm ibus-wayland-debuginfo-1.5.19-11.el8.aarch64.rpm noarch: glib2-doc-2.56.4-8.el8.noarch.rpm ibus-devel-docs-1.5.19-11.el8.noarch.rpm ppc64le: glib2-debuginfo-2.56.4-8.el8.ppc64le.rpm glib2-debugsource-2.56.4-8.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-8.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-8.el8.ppc64le.rpm glib2-static-2.56.4-8.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-8.el8.ppc64le.rpm ibus-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-debugsource-1.5.19-11.el8.ppc64le.rpm ibus-devel-1.5.19-11.el8.ppc64le.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-libs-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-tests-debuginfo-1.5.19-11.el8.ppc64le.rpm ibus-wayland-debuginfo-1.5.19-11.el8.ppc64le.rpm s390x: glib2-debuginfo-2.56.4-8.el8.s390x.rpm glib2-debugsource-2.56.4-8.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-8.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-8.el8.s390x.rpm glib2-static-2.56.4-8.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-8.el8.s390x.rpm ibus-debuginfo-1.5.19-11.el8.s390x.rpm ibus-debugsource-1.5.19-11.el8.s390x.rpm ibus-devel-1.5.19-11.el8.s390x.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.s390x.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.s390x.rpm ibus-libs-debuginfo-1.5.19-11.el8.s390x.rpm ibus-tests-debuginfo-1.5.19-11.el8.s390x.rpm ibus-wayland-debuginfo-1.5.19-11.el8.s390x.rpm x86_64: glib2-debuginfo-2.56.4-8.el8.i686.rpm glib2-debuginfo-2.56.4-8.el8.x86_64.rpm glib2-debugsource-2.56.4-8.el8.i686.rpm glib2-debugsource-2.56.4-8.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-8.el8.i686.rpm glib2-devel-debuginfo-2.56.4-8.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-8.el8.i686.rpm glib2-fam-debuginfo-2.56.4-8.el8.x86_64.rpm glib2-static-2.56.4-8.el8.i686.rpm glib2-static-2.56.4-8.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-8.el8.i686.rpm glib2-tests-debuginfo-2.56.4-8.el8.x86_64.rpm ibus-debuginfo-1.5.19-11.el8.i686.rpm ibus-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-debugsource-1.5.19-11.el8.i686.rpm ibus-debugsource-1.5.19-11.el8.x86_64.rpm ibus-devel-1.5.19-11.el8.i686.rpm ibus-devel-1.5.19-11.el8.x86_64.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.i686.rpm ibus-gtk2-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.i686.rpm ibus-gtk3-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-libs-debuginfo-1.5.19-11.el8.i686.rpm ibus-libs-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-tests-debuginfo-1.5.19-11.el8.i686.rpm ibus-tests-debuginfo-1.5.19-11.el8.x86_64.rpm ibus-wayland-debuginfo-1.5.19-11.el8.i686.rpm ibus-wayland-debuginfo-1.5.19-11.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14822 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXqhVm9zjgjWX9erEAQgShA/+Psfn09CwxvJcHA1/Xbax9OR/7xRxCVWR lj98Xr7kMz1U3TEefilxXlZVdewflNrUXr26FVBdfa/0veJXOlU9L7V2wQylZE59 YDYo+/Z4T//zaqZyTltGjpTwfj1RhI8OBX+IFzFKKHeWkjAh2mNzVDMUgogJj32X jNqwco5JWZtAaRKQLr0Gr1sFaXkLEYwRKr3OG8ZgVwMNG1Wkc4Tr/NlmwH95JSfE WpTs6L/PJH0BuWbW9yrx5tKJ7yY7qAyKqLHhfc4kdXcv6eKtdRjrC2Hcn6SAlHqe 4D//WR00HaiPfNUJbcNlk9bc7uQSrbL2ibXT4qA7MUeOdjF/mdem15PBVc6iTRWk BOjbypZwkFvWI36T3v40WKFqo9I4YNLg2lMMpkRutudyhRBrnzS5wxynD4mpa6CZ 2JnydBN+hLCjEPlri0LRgiJp7MLiBG5/jp1R8vAsiu0Vwef01sppGjza+Ml/QOxV 9xNaBlAFS0+dG5cdyu5ynjxHTdlD3o/Q7zvgIQ3JokE7tZ8aOuTzO+ZE0pjvtsZu E43Q2M7LpGyoEO3Xy8Ip3fTgKESOtB9q1UhM7bj50yFy1IvKnjgxM9PwRl+7S4lW tGaN5ccTWywh9DtWCfnq8fs42rjcDzy/gjMUfalWnOk1lOEtU/cStWcYeE6jO9A2 bj+2R+IfQs8=F7rK -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 28, 2020
Red Hat
172
security advisoryaccess controlDoSUbuntu 19.10: USN-4134-3 Critical: IBus Local User Key Capture
IBus could allow local users to capture key strokes of other locally logged in users.. =========================================================================Ubuntu Security Notice USN-4134-3 March 24, 2020 ibus vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: IBus could allow local users to capture key strokes of other locally logged in users. Software Description: - ibus: Intelligent Input Bus - core Details: USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize for the inconvenience. Original advisory details: Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: ibus 1.5.21-1~exp2ubuntu2.1 Ubuntu 18.04 LTS: ibus 1.5.17-3ubuntu5.3 Ubuntu 16.04 LTS: ibus 1.5.11-1ubuntu2.4 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4134-3 https://ubuntu.com/security/notices/USN-4134-1 CVE-2019-14822 Package Information: https://launchpad.net/ubuntu/+source/ibus/1.5.17-3ubuntu5.3 https://launchpad.net/ubuntu/+source/ibus/1.5.11-1ubuntu2.4 . An IBus flaw permits local users to intercept the keystrokes of fellow users on Ubuntu platforms. Patches for remediation are now accessible.. Ubuntu IBus, Local Access Control,Keystroke Capture Success, Linux Security. . Severity: Critical. LinuxSecurity.com Team
Mar 24, 2020
•Critical
Ubuntu
202
security advisoryimportantlocal threatopenSUSE Leap 15.1: 2019:2199-1 Important: ibus Local User Threat
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for ibus ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2199-1 Rating: important References: #1150011 Cross-References: CVE-2019-14822 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ibus fixes the following issues: - CVE-2019-14822: Fixed misconfiguration of the DBus server allows to unprivileged user could monitor and send method calls to the ibus bus of another user (bsc#1150011). This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2199=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): ibus-1.5.19-lp151.2.3.1 ibus-debuginfo-1.5.19-lp151.2.3.1 ibus-debugsource-1.5.19-lp151.2.3.1 ibus-devel-1.5.19-lp151.2.3.1 ibus-gtk-1.5.19-lp151.2.3.1 ibus-gtk-debuginfo-1.5.19-lp151.2.3.1 ibus-gtk3-1.5.19-lp151.2.3.1 ibus-gtk3-debuginfo-1.5.19-lp151.2.3.1 libibus-1_0-5-1.5.19-lp151.2.3.1 libibus-1_0-5-debuginfo-1.5.19-lp151.2.3.1 typelib-1_0-IBus-1_0-1.5.19-lp151.2.3.1 - openSUSE Leap 15.1 (x86_64): ibus-gtk-32bit-1.5.19-lp151.2.3.1 ibus-gtk-32bit-debuginfo-1.5.19-lp151.2.3.1 ibus-gtk3-32bit-1.5.19-lp151.2.3.1 ibus-gtk3-32bit-debuginfo-1.5.19-lp151.2.3.1 libibus-1_0-5-32bit-1.5.19-lp151.2.3.1 libibus-1_0-5-32bit-debuginfo-1.5.19-lp151.2.3.1 python-ibus-1.5.19-lp151.2.3.1 - openSUSE Leap 15.1(noarch): ibus-lang-1.5.19-lp151.2.3.1 References: https://www.suse.com/security/cve/CVE-2019-14822.html https://bugzilla.suse.com/1150011 -- . The latest openSUSE release includes a vital security update for ibus, targeting significant misconfiguration vulnerabilities to protect user systems from threats. openSUSE Security Update, ibus patch, local user threat. . Severity: Important. LinuxSecurity.com Team
Sep 26, 2019
•Important
OpenSUSE
202
security advisoryDoSimportantopenSUSE Leap 15.0: 2019:2174-1 Important: ibus DoS Risk
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for ibus ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2174-1 Rating: important References: #1150011 Cross-References: CVE-2019-14822 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user. (bsc#1150011) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2174=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): ibus-1.5.17-lp150.4.3.1 ibus-debuginfo-1.5.17-lp150.4.3.1 ibus-debugsource-1.5.17-lp150.4.3.1 ibus-devel-1.5.17-lp150.4.3.1 ibus-gtk-1.5.17-lp150.4.3.1 ibus-gtk-debuginfo-1.5.17-lp150.4.3.1 ibus-gtk3-1.5.17-lp150.4.3.1 ibus-gtk3-debuginfo-1.5.17-lp150.4.3.1 libibus-1_0-5-1.5.17-lp150.4.3.1 libibus-1_0-5-debuginfo-1.5.17-lp150.4.3.1 python-ibus-1.5.17-lp150.4.3.1 typelib-1_0-IBus-1_0-1.5.17-lp150.4.3.1 - openSUSE Leap 15.0 (noarch): ibus-branding-openSUSE-KDE-1.5.17-lp150.4.3.1 ibus-lang-1.5.17-lp150.4.3.1 - openSUSE Leap 15.0 (x86_64): ibus-gtk-32bit-1.5.17-lp150.4.3.1 ibus-gtk-32bit-debuginfo-1.5.17-lp150.4.3.1 ibus-gtk3-32bit-1.5.17-lp150.4.3.1 ibus-gtk3-32bit-debuginfo-1.5.17-lp150.4.3.1 libibus-1_0-5-32bit-1.5.17-lp150.4.3.1 libibus-1_0-5-32bit-debuginfo-1.5.17-lp150.4.3.1 python3-ibus-1.5.17-lp150.4.3.1 References: https://www.suse.com/security/cve/CVE-2019-14822.html https://bugzilla.suse.com/1150011 -- . A significant enhancement for NetworkManager in Fedora addressing a severe configuration flaw. Discover further details today.. openSUSE Security Update, ibus patch, important security fix. . Severity: Important. LinuxSecurity.com Team
Sep 24, 2019
•Important
OpenSUSE
203
security advisorycriticallocal attackMageia: 2019-0284 Critical: Ibus Local Attack and User Monitoring
It was discovered that any unprivileged user could monitor and send method calls to the ibus bus of another user, due to a misconfiguration during the setup of the DBus server. When ibus is in use, a local attacker, who discovers the UNIX socket used by another user connected on a graphical environment, could use this flaw to intercept all keystrokes of the victim user or modify . MGASA-2019-0284 - Updated ibus packages fix security vulnerability Publication date: 21 Sep 2019 URL: https://advisories.mageia.org/MGASA-2019-0284.html Type: security Affected Mageia releases: 6, 7 CVE: CVE-2019-14822 It was discovered that any unprivileged user could monitor and send method calls to the ibus bus of another user, due to a misconfiguration during the setup of the DBus server. When ibus is in use, a local attacker, who discoversthe UNIX socket used by another user connected on a graphical environment, could use this flaw to intercept all keystrokes of the victim user or modify input related configurations through DBus method calls (CVE-2019-14822). References: - https://bugs.mageia.org/show_bug.cgi?id=25434 - https://www.openwall.com/lists/oss-security/2019/09/13/1 - https://www.cve.org/CVERecord?id=CVE-2019-14822 SRPMS: - 7/core/ibus-1.5.20-1.1.mga7 - 6/core/ibus-1.5.16-3.1.mga6 . Mageia Security Update MGASA-2019-0285 addresses the critical vulnerability in the libxml library that could potentially allow arbitrary code execution by a malicious user.. Mageia Ibus Update, Security Advisory, DBus Misconfiguration, Unprivileged Users. . Severity: Critical. LinuxSecurity.com Team
Sep 21, 2019
•Critical
Mageia
100
security advisoryimportantibusSUSE: 2019:2427-1 Critical Fix for IBus DoS Vulnerability Released
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for ibus ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:2427-1 Rating: important References: #1150011 Cross-References: CVE-2019-14822 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 SUSE Linux Enterprise Module for Desktop Applications 15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ibus fixes the following issues: - CVE-2019-14822: Fixed misconfiguration of the DBus server allows to unprivileged user could monitor and send method calls to the ibus bus of another user (bsc#1150011). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2427=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP1: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-2427=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64): python-ibus-1.5.19-8.3.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (x86_64): ibus-debugsource-1.5.19-8.3.1 ibus-gtk-32bit-1.5.19-8.3.1 ibus-gtk-32bit-debuginfo-1.5.19-8.3.1 ibus-gtk3-32bit-1.5.19-8.3.1 ibus-gtk3-32bit-debuginfo-1.5.19-8.3.1 libibus-1_0-5-32bit-1.5.19-8.3.1 libibus-1_0-5-32bit-debuginfo-1.5.19-8.3.1 - SUSE Linux Enterprise Module for DesktopApplications 15-SP1 (aarch64 ppc64le s390x x86_64): ibus-1.5.19-8.3.1 ibus-debuginfo-1.5.19-8.3.1 ibus-debugsource-1.5.19-8.3.1 ibus-devel-1.5.19-8.3.1 ibus-gtk-1.5.19-8.3.1 ibus-gtk-debuginfo-1.5.19-8.3.1 ibus-gtk3-1.5.19-8.3.1 ibus-gtk3-debuginfo-1.5.19-8.3.1 libibus-1_0-5-1.5.19-8.3.1 libibus-1_0-5-debuginfo-1.5.19-8.3.1 typelib-1_0-IBus-1_0-1.5.19-8.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (noarch): ibus-lang-1.5.19-8.3.1 References: https://www.suse.com/security/cve/CVE-2019-14822.html https://bugzilla.suse.com/1150011 _______________________________________________ sle-security-updates mailing list
Sep 20, 2019
•Important
SuSE
87
security advisorysecurity issuedebianDebian: DSA-4525-1 Moderate: ibus User Input Monitoring Flaw
Simon McVittie reported a flaw in ibus, the Intelligent Input Bus. Due to a misconfiguration during the setup of the DBus, any unprivileged user could monitor and send method calls to the ibus bus of another user, if able to discover the UNIX socket used by another user connected . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4525-1
Sep 18, 2019
Debian
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!