Download
| Alert*
oval:org.secpod.oval:def:89000035
permissions is installed oval:org.secpod.oval:def:89003197 This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary . - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links . - Fix ... oval:org.secpod.oval:def:89003396 This update for permissions fixes the following issues: - CVE-2019-3690: Fixed a privilege escalation through untrusted symlinks . oval:org.secpod.oval:def:89003039 This update for permissions fixes the following issues: Security issues fixed: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary . - CVE-2019-3690: Fixed a privilege escalation through untrusted ... oval:org.secpod.oval:def:89044210 This update for permissions fixes the following issues: - Update to version 20170707: * make btmp root:utmp oval:org.secpod.oval:def:89045102 This update for permissions fixes the following issues: - Fork package for 12-SP5 - make btmp root:utmp - pcp: remove no longer needed / conflicting entries . Fixes a potential security issue. - do not follow symlinks that are the final path element - fix handling of relative directory symlinks i ... oval:org.secpod.oval:def:89047722 This update for permissions fixes the following issues: * apptainer: fix starter-suid location * static permissions: remove deprecated bind / named chroot entries * postfix: add postlog setgid for maildrop binary oval:org.secpod.oval:def:89047412 This update for permissions fixes the following issues: - Update to version 20181225: setuid bit for cockpit session binary . oval:org.secpod.oval:def:89047298 This update for permissions fixes the following issues: - etc/permissions: remove unnecessary entries oval:org.secpod.oval:def:89047241 This update for permissions fixes the following issues: - Update to version 20181225: * drop ping capabilities in favor of ICMP_PROTO sockets oval:org.secpod.oval:def:3300980 SUSE Security Update: Security update for permissions oval:org.secpod.oval:def:89047419 This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths . oval:org.secpod.oval:def:3301046 SUSE Security Update: Security update for permissions oval:org.secpod.oval:def:89047037 This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths . - Add capability for prometheus-blackbox_exporter . - Make btmp root:utmp . oval:org.secpod.oval:def:89047662 This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths . oval:org.secpod.oval:def:3300436 SUSE Security Update: Security update for permissions oval:org.secpod.oval:def:89050332 This update for permissions fixes the following issues: Security issues fixed: - CVE-2019-3687: Fixed a privilege escalation which could allow a local user to read network traffic if wireshark is installed - CVE-2020-8013: Fixed an issue where chkstat set unintended setuid/capabilities for mrsh and ... oval:org.secpod.oval:def:89000196 This update for permissions fixes the following issues: Security issue fixed: - CVE-2020-8013: Fixed a local privilege escalation with mrsh and wodim . Non-security issues fixed: - Fixed regression where chkstat breaks without /proc available - Fixed capability handling when doing multiple permissi ... oval:org.secpod.oval:def:89050240 This update for permissions fixes the following issues: - Fixed spelling of icinga group oval:org.secpod.oval:def:89050470 This update for permissions fixes the following issues: - Removed conflicting entries which might expose pcp to security issues oval:org.secpod.oval:def:89050450 This update for permissions fixes the following issues: - whitelist WMP oval:org.secpod.oval:def:89050927 This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary . - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links . - Fix ... |