ALT-BU-2019-3694-1
Branch sisyphus update bulletin.
Package gnome-shell updated to version 3.32.2-alt1 for branch sisyphus in task 231133.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2021-20315
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allows a physical attacker who has access to a locked system to kill existing applications and start new ones as the locked user, even if the session is still locked.
Closed bugs
Некорректно отображается пункт программы в меню xfce: комментарий на английском
Package bubblewrap updated to version 0.3.3-alt1 for branch sisyphus in task 231168.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-12439
bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code.
- openSUSE-SU-2019:1535
- openSUSE-SU-2019:1535
- openSUSE-SU-2019:1721
- openSUSE-SU-2019:1721
- RHSA-2019:1833
- RHSA-2019:1833
- https://bugzilla.redhat.com/show_bug.cgi?id=1695963
- https://bugzilla.redhat.com/show_bug.cgi?id=1695963
- https://github.com/projectatomic/bubblewrap/commit/efc89e3b939b4bde42c10f065f6b7b02958ed50e
- https://github.com/projectatomic/bubblewrap/commit/efc89e3b939b4bde42c10f065f6b7b02958ed50e
- https://github.com/projectatomic/bubblewrap/issues/304
- https://github.com/projectatomic/bubblewrap/issues/304
- https://github.com/projectatomic/bubblewrap/releases/tag/v0.3.3
- https://github.com/projectatomic/bubblewrap/releases/tag/v0.3.3
- GLSA-202006-18
- GLSA-202006-18