SUSE-SU-2019:1122-1 -- SLES hostinfo, supportutilsID: oval:org.secpod.oval:def:89043782 | Date: (C)2021-03-05 (M)2021-06-02 |
Class: PATCH | Family: unix |
This update for hostinfo, supportutils fixes the following issues: Security issues fixed for supportutils: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes . - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files . - CVE-2018-19639: Fixed a code execution if run with -v . - CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files . - CVE-2018-19636: Fixed a local root exploit via inclusion of attacker controlled shell script . Other issues fixed for supportutils: - Fixed invalid exit code commands - SUSE separation in supportconfig - Clarified supportconfig -x option - supportconfig: 3.0.127 - btrfs filesystem usage - List products.d - Dump lsof errors - Added ha commands for corosync - Dumped find errors in ib_info Issues fixed in hostinfo: - Removed extra kernel install dates - Resolved network bond issue
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
hostinfo |
supportutils |