Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-4311 (GCVE-0-2008-4311)
Vulnerability from cvelistv5
Published
2008-12-10 00:00
Modified
2024-08-07 10:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T10:08:35.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "name": "33047", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33047" }, { "name": "openSUSE-SU-2012:1418", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "name": "dbus-sendreceive-security-bypass(47138)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" }, { "name": "34642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34642" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "name": "ADV-2008-3355", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/3355" }, { "name": "SUSE-SR:2009:008", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "name": "FEDORA-2008-10907", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" }, { "name": "33055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33055" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "name": "34360", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34360" }, { "name": "[dbus] 20081205 [CVE-2008-4311] DBus 1.2.6", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "name": "SUSE-SR:2009:009", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "name": "32674", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/32674" }, { "name": "SUSE-SA:2009:013", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-12-05T00:00:00", "descriptions": [ { "lang": "en", "value": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-07T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "name": "33047", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33047" }, { "name": "openSUSE-SU-2012:1418", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "name": "dbus-sendreceive-security-bypass(47138)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" }, { "name": "34642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34642" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "name": "ADV-2008-3355", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/3355" }, { "name": "SUSE-SR:2009:008", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "name": "FEDORA-2008-10907", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" }, { "name": "33055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33055" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "name": "34360", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34360" }, { "name": "[dbus] 20081205 [CVE-2008-4311] DBus 1.2.6", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "name": "SUSE-SR:2009:009", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "name": "32674", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/32674" }, { "name": "SUSE-SA:2009:013", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-4311", "datePublished": "2008-12-10T00:00:00", "dateReserved": "2008-09-29T00:00:00", "dateUpdated": "2024-08-07T10:08:35.156Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2008-4311\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2008-12-10T00:30:00.220\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.\"},{\"lang\":\"es\",\"value\":\"La configuraci\u00f3n por defecto de system.conf en \\r\\nD-Bus (alias DBus) y versiones anteriores a 1.2.6 omite el atributo send_type en ciertas reglas, el cual permite a los usuarios locales evitar las restricciones de acceso (1) enviando mensajes, en relaci\u00f3n a send_requested_reply; y posiblemente (2) recibiendo mensajes, relativos a receive_requested_reply.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-16\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.2.4\",\"matchCriteriaId\":\"BA717BEA-178B-462B-A6D7-D355366F5A2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2945FB-BDB8-49B7-BA9A-2BB390345FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FE08E05-948A-4A9C-BA91-B2935355D3CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB0A3D5A-8823-4365-83B9-1E370C131F3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6262F9B-30B5-4A7E-AC49-B9221B06CA4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F4A579-8F26-47CF-9AE0-41334A9751AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12E1141-5FE4-43BF-B3A0-DC45C593F880\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04817C0-14A2-4B75-8747-691D48E70BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C8C79E-AE58-48AE-89DB-E84637543783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4ECF06-79CC-4142-BE6A-AF4E1E981543\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87CC329-AF59-4882-82E1-851C4E0BB0B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDA4ACC-9166-491C-A8D4-A5418F3B0965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084A8212-B0FC-41BA-9532-080E8F92B949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EB88CDF-0C71-4FE7-9210-C43EBE806416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D84E94E-18EB-4276-AF55-2FB9850B08CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C6D0AAC-7F4B-48FF-9ACB-8C8844BDD722\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FD40B16-FF56-4C23-B8A9-D79433713F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5A81FE8-37A0-46CE-AAA4-F00CF4122C71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8815B87-7910-4E41-AB28-AEAD9F53475A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCEF7E9B-3F19-48CF-862B-B5935824A4C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB32F7B-8616-40F5-8D94-4FC97F6AD958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC42FAD-C541-4D91-BDF6-62AA1C894B42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAECF21B-68AF-47D8-9540-BB0001087881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30D0DE09-5F83-423B-AD86-033005D35994\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6618ACC-B506-4A92-BE4F-346FAC29D24F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB406736-7185-4E0A-ACC6-4F79AB312FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18867CA7-E4AE-4312-A6E8-0CC514FCF063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C443F3D-5BD0-4E89-99F1-1BC0798666F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DA75AB4-4ADF-4E42-8840-B044DC4D9FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D809A431-7BA6-4C9F-8644-33A14389B289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"732CD552-3E19-4389-B426-77D5B473866F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1702AE33-38F4-40C5-B448-C863A7E95553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3801D383-91A6-4F2F-87D5-32882005BF58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2392266A-BE81-4494-81C3-942ED56B0558\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCCA6868-E09D-4616-A9A8-EF63F20C981D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60B6DA02-F08B-4ACE-8F93-F869467BC628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B4E7E9B-722E-4EE1-A435-906DE07BEB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF4902A-5598-42B7-8BB0-E9F8AB645D59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DEF0BA7-4EE6-482A-BFE4-A159A7C329AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E93056D8-497A-4C08-B3FA-8372A92A6ACA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0380A55A-541E-450B-8092-280BD5DA736D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C55E6EEB-A408-45F5-AF95-37DBDEBA17EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C9908FE-6B10-41BF-ADE2-1639CAC1340E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA34903A-9D38-46FF-B702-D6BEECA96031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39753912-8A2D-49B0-B90B-43DAF723B34A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freedesktop:dbus:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11FF206A-8E96-40A2-9687-E0C4F00F020F\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://forums.fedoraforum.org/showthread.php?t=206797\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.freedesktop.org/archives/dbus/2008-December/010702.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/33047\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/33055\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34360\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/34642\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/32674\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/3355\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugs.freedesktop.org/show_bug.cgi?id=18229\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=474895\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/47138\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://forums.fedoraforum.org/showthread.php?t=206797\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.freedesktop.org/archives/dbus/2008-December/010702.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/33047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/33055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34360\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/32674\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/3355\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.freedesktop.org/show_bug.cgi?id=18229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=474895\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/47138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
opensuse-su-2024:10711-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
dbus-1-1.12.20-5.5 on GA media
Notes
Title of the patch
dbus-1-1.12.20-5.5 on GA media
Description of the patch
These are all security issues fixed in the dbus-1-1.12.20-5.5 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10711
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "dbus-1-1.12.20-5.5 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the dbus-1-1.12.20-5.5 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-10711", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10711-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2006-6107 page", "url": "https://www.suse.com/security/cve/CVE-2006-6107/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-0595 page", "url": "https://www.suse.com/security/cve/CVE-2008-0595/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-3834 page", "url": "https://www.suse.com/security/cve/CVE-2008-3834/" }, { "category": "self", "summary": "SUSE CVE CVE-2008-4311 page", "url": "https://www.suse.com/security/cve/CVE-2008-4311/" }, { "category": "self", "summary": "SUSE CVE CVE-2019-12749 page", "url": "https://www.suse.com/security/cve/CVE-2019-12749/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-12049 page", "url": "https://www.suse.com/security/cve/CVE-2020-12049/" } ], "title": "dbus-1-1.12.20-5.5 on GA media", "tracking": { "current_release_date": "2024-06-15T00:00:00Z", "generator": { "date": "2024-06-15T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:10711-1", "initial_release_date": "2024-06-15T00:00:00Z", "revision_history": [ { "date": "2024-06-15T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "dbus-1-1.12.20-5.5.aarch64", "product": { "name": "dbus-1-1.12.20-5.5.aarch64", "product_id": "dbus-1-1.12.20-5.5.aarch64" } }, { "category": "product_version", "name": "dbus-1-devel-1.12.20-5.5.aarch64", "product": { "name": "dbus-1-devel-1.12.20-5.5.aarch64", "product_id": "dbus-1-devel-1.12.20-5.5.aarch64" } }, { "category": "product_version", "name": "dbus-1-devel-32bit-1.12.20-5.5.aarch64", "product": { "name": "dbus-1-devel-32bit-1.12.20-5.5.aarch64", "product_id": "dbus-1-devel-32bit-1.12.20-5.5.aarch64" } }, { "category": "product_version", "name": "libdbus-1-3-1.12.20-5.5.aarch64", "product": { "name": "libdbus-1-3-1.12.20-5.5.aarch64", "product_id": "libdbus-1-3-1.12.20-5.5.aarch64" } }, { "category": "product_version", "name": "libdbus-1-3-32bit-1.12.20-5.5.aarch64", "product": { "name": "libdbus-1-3-32bit-1.12.20-5.5.aarch64", "product_id": "libdbus-1-3-32bit-1.12.20-5.5.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "dbus-1-1.12.20-5.5.ppc64le", "product": { "name": "dbus-1-1.12.20-5.5.ppc64le", "product_id": "dbus-1-1.12.20-5.5.ppc64le" } }, { "category": "product_version", "name": "dbus-1-devel-1.12.20-5.5.ppc64le", "product": { "name": "dbus-1-devel-1.12.20-5.5.ppc64le", "product_id": "dbus-1-devel-1.12.20-5.5.ppc64le" } }, { "category": "product_version", "name": "dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "product": { "name": "dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "product_id": "dbus-1-devel-32bit-1.12.20-5.5.ppc64le" } }, { "category": "product_version", "name": "libdbus-1-3-1.12.20-5.5.ppc64le", "product": { "name": "libdbus-1-3-1.12.20-5.5.ppc64le", "product_id": "libdbus-1-3-1.12.20-5.5.ppc64le" } }, { "category": "product_version", "name": "libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "product": { "name": "libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "product_id": "libdbus-1-3-32bit-1.12.20-5.5.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "dbus-1-1.12.20-5.5.s390x", "product": { "name": "dbus-1-1.12.20-5.5.s390x", "product_id": "dbus-1-1.12.20-5.5.s390x" } }, { "category": "product_version", "name": "dbus-1-devel-1.12.20-5.5.s390x", "product": { "name": "dbus-1-devel-1.12.20-5.5.s390x", "product_id": "dbus-1-devel-1.12.20-5.5.s390x" } }, { "category": "product_version", "name": "dbus-1-devel-32bit-1.12.20-5.5.s390x", "product": { "name": "dbus-1-devel-32bit-1.12.20-5.5.s390x", "product_id": "dbus-1-devel-32bit-1.12.20-5.5.s390x" } }, { "category": "product_version", "name": "libdbus-1-3-1.12.20-5.5.s390x", "product": { "name": "libdbus-1-3-1.12.20-5.5.s390x", "product_id": "libdbus-1-3-1.12.20-5.5.s390x" } }, { "category": "product_version", "name": "libdbus-1-3-32bit-1.12.20-5.5.s390x", "product": { "name": "libdbus-1-3-32bit-1.12.20-5.5.s390x", "product_id": "libdbus-1-3-32bit-1.12.20-5.5.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "dbus-1-1.12.20-5.5.x86_64", "product": { "name": "dbus-1-1.12.20-5.5.x86_64", "product_id": "dbus-1-1.12.20-5.5.x86_64" } }, { "category": "product_version", "name": "dbus-1-devel-1.12.20-5.5.x86_64", "product": { "name": "dbus-1-devel-1.12.20-5.5.x86_64", "product_id": "dbus-1-devel-1.12.20-5.5.x86_64" } }, { "category": "product_version", "name": "dbus-1-devel-32bit-1.12.20-5.5.x86_64", "product": { "name": "dbus-1-devel-32bit-1.12.20-5.5.x86_64", "product_id": "dbus-1-devel-32bit-1.12.20-5.5.x86_64" } }, { "category": "product_version", "name": "libdbus-1-3-1.12.20-5.5.x86_64", "product": { "name": "libdbus-1-3-1.12.20-5.5.x86_64", "product_id": "libdbus-1-3-1.12.20-5.5.x86_64" } }, { "category": "product_version", "name": "libdbus-1-3-32bit-1.12.20-5.5.x86_64", "product": { "name": "libdbus-1-3-32bit-1.12.20-5.5.x86_64", "product_id": "libdbus-1-3-32bit-1.12.20-5.5.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "dbus-1-1.12.20-5.5.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64" }, "product_reference": "dbus-1-1.12.20-5.5.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-1.12.20-5.5.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le" }, "product_reference": "dbus-1-1.12.20-5.5.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-1.12.20-5.5.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x" }, "product_reference": "dbus-1-1.12.20-5.5.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-1.12.20-5.5.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64" }, "product_reference": "dbus-1-1.12.20-5.5.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-1.12.20-5.5.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64" }, "product_reference": "dbus-1-devel-1.12.20-5.5.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-1.12.20-5.5.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le" }, "product_reference": "dbus-1-devel-1.12.20-5.5.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-1.12.20-5.5.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x" }, "product_reference": "dbus-1-devel-1.12.20-5.5.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-1.12.20-5.5.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64" }, "product_reference": "dbus-1-devel-1.12.20-5.5.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-32bit-1.12.20-5.5.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64" }, "product_reference": "dbus-1-devel-32bit-1.12.20-5.5.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-32bit-1.12.20-5.5.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le" }, "product_reference": "dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-32bit-1.12.20-5.5.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x" }, "product_reference": "dbus-1-devel-32bit-1.12.20-5.5.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "dbus-1-devel-32bit-1.12.20-5.5.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64" }, "product_reference": "dbus-1-devel-32bit-1.12.20-5.5.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-1.12.20-5.5.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64" }, "product_reference": "libdbus-1-3-1.12.20-5.5.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-1.12.20-5.5.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le" }, "product_reference": "libdbus-1-3-1.12.20-5.5.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-1.12.20-5.5.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x" }, "product_reference": "libdbus-1-3-1.12.20-5.5.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-1.12.20-5.5.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64" }, "product_reference": "libdbus-1-3-1.12.20-5.5.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-32bit-1.12.20-5.5.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64" }, "product_reference": "libdbus-1-3-32bit-1.12.20-5.5.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-32bit-1.12.20-5.5.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le" }, "product_reference": "libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-32bit-1.12.20-5.5.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x" }, "product_reference": "libdbus-1-3-32bit-1.12.20-5.5.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libdbus-1-3-32bit-1.12.20-5.5.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" }, "product_reference": "libdbus-1-3-32bit-1.12.20-5.5.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2006-6107", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2006-6107" } ], "notes": [ { "category": "general", "text": "Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service (lost process messages).", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2006-6107", "url": "https://www.suse.com/security/cve/CVE-2006-6107" }, { "category": "external", "summary": "SUSE Bug 224811 for CVE-2006-6107", "url": "https://bugzilla.suse.com/224811" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "low" } ], "title": "CVE-2006-6107" }, { "cve": "CVE-2008-0595", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-0595" } ], "notes": [ { "category": "general", "text": "dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-0595", "url": "https://www.suse.com/security/cve/CVE-2008-0595" }, { "category": "external", "summary": "SUSE Bug 364532 for CVE-2008-0595", "url": "https://bugzilla.suse.com/364532" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-0595" }, { "cve": "CVE-2008-3834", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-3834" } ], "notes": [ { "category": "general", "text": "The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-3834", "url": "https://www.suse.com/security/cve/CVE-2008-3834" }, { "category": "external", "summary": "SUSE Bug 432901 for CVE-2008-3834", "url": "https://bugzilla.suse.com/432901" }, { "category": "external", "summary": "SUSE Bug 495804 for CVE-2008-3834", "url": "https://bugzilla.suse.com/495804" }, { "category": "external", "summary": "SUSE Bug 659934 for CVE-2008-3834", "url": "https://bugzilla.suse.com/659934" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-3834" }, { "cve": "CVE-2008-4311", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-4311" } ], "notes": [ { "category": "general", "text": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-4311", "url": "https://www.suse.com/security/cve/CVE-2008-4311" }, { "category": "external", "summary": "SUSE Bug 443307 for CVE-2008-4311", "url": "https://bugzilla.suse.com/443307" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-4311" }, { "cve": "CVE-2019-12749", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-12749" } ], "notes": [ { "category": "general", "text": "dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2019-12749", "url": "https://www.suse.com/security/cve/CVE-2019-12749" }, { "category": "external", "summary": "SUSE Bug 1137832 for CVE-2019-12749", "url": "https://bugzilla.suse.com/1137832" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2019-12749" }, { "cve": "CVE-2020-12049", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-12049" } ], "notes": [ { "category": "general", "text": "An issue was discovered in dbus \u003e= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service\u0027s private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2020-12049", "url": "https://www.suse.com/security/cve/CVE-2020-12049" }, { "category": "external", "summary": "SUSE Bug 1172505 for CVE-2020-12049", "url": "https://bugzilla.suse.com/1172505" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:dbus-1-devel-32bit-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-1.12.20-5.5.x86_64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.aarch64", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.ppc64le", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.s390x", "openSUSE Tumbleweed:libdbus-1-3-32bit-1.12.20-5.5.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2020-12049" } ] }
opensuse-su-2024:11531-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
yast2-core-4.4.0-1.4 on GA media
Notes
Title of the patch
yast2-core-4.4.0-1.4 on GA media
Description of the patch
These are all security issues fixed in the yast2-core-4.4.0-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11531
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "yast2-core-4.4.0-1.4 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the yast2-core-4.4.0-1.4 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-11531", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11531-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2008-4311 page", "url": "https://www.suse.com/security/cve/CVE-2008-4311/" } ], "title": "yast2-core-4.4.0-1.4 on GA media", "tracking": { "current_release_date": "2024-06-15T00:00:00Z", "generator": { "date": "2024-06-15T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:11531-1", "initial_release_date": "2024-06-15T00:00:00Z", "revision_history": [ { "date": "2024-06-15T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "yast2-core-4.4.0-1.4.aarch64", "product": { "name": "yast2-core-4.4.0-1.4.aarch64", "product_id": "yast2-core-4.4.0-1.4.aarch64" } }, { "category": "product_version", "name": "yast2-core-devel-4.4.0-1.4.aarch64", "product": { "name": "yast2-core-devel-4.4.0-1.4.aarch64", "product_id": "yast2-core-devel-4.4.0-1.4.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "yast2-core-4.4.0-1.4.ppc64le", "product": { "name": "yast2-core-4.4.0-1.4.ppc64le", "product_id": "yast2-core-4.4.0-1.4.ppc64le" } }, { "category": "product_version", "name": "yast2-core-devel-4.4.0-1.4.ppc64le", "product": { "name": "yast2-core-devel-4.4.0-1.4.ppc64le", "product_id": "yast2-core-devel-4.4.0-1.4.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "yast2-core-4.4.0-1.4.s390x", "product": { "name": "yast2-core-4.4.0-1.4.s390x", "product_id": "yast2-core-4.4.0-1.4.s390x" } }, { "category": "product_version", "name": "yast2-core-devel-4.4.0-1.4.s390x", "product": { "name": "yast2-core-devel-4.4.0-1.4.s390x", "product_id": "yast2-core-devel-4.4.0-1.4.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "yast2-core-4.4.0-1.4.x86_64", "product": { "name": "yast2-core-4.4.0-1.4.x86_64", "product_id": "yast2-core-4.4.0-1.4.x86_64" } }, { "category": "product_version", "name": "yast2-core-devel-4.4.0-1.4.x86_64", "product": { "name": "yast2-core-devel-4.4.0-1.4.x86_64", "product_id": "yast2-core-devel-4.4.0-1.4.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "yast2-core-4.4.0-1.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.aarch64" }, "product_reference": "yast2-core-4.4.0-1.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-4.4.0-1.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.ppc64le" }, "product_reference": "yast2-core-4.4.0-1.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-4.4.0-1.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.s390x" }, "product_reference": "yast2-core-4.4.0-1.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-4.4.0-1.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.x86_64" }, "product_reference": "yast2-core-4.4.0-1.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-devel-4.4.0-1.4.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.aarch64" }, "product_reference": "yast2-core-devel-4.4.0-1.4.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-devel-4.4.0-1.4.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.ppc64le" }, "product_reference": "yast2-core-devel-4.4.0-1.4.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-devel-4.4.0-1.4.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.s390x" }, "product_reference": "yast2-core-devel-4.4.0-1.4.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "yast2-core-devel-4.4.0-1.4.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.x86_64" }, "product_reference": "yast2-core-devel-4.4.0-1.4.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2008-4311", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-4311" } ], "notes": [ { "category": "general", "text": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.aarch64", "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.ppc64le", "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.s390x", "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.x86_64", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.aarch64", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.ppc64le", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.s390x", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-4311", "url": "https://www.suse.com/security/cve/CVE-2008-4311" }, { "category": "external", "summary": "SUSE Bug 443307 for CVE-2008-4311", "url": "https://bugzilla.suse.com/443307" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.aarch64", "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.ppc64le", "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.s390x", "openSUSE Tumbleweed:yast2-core-4.4.0-1.4.x86_64", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.aarch64", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.ppc64le", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.s390x", "openSUSE Tumbleweed:yast2-core-devel-4.4.0-1.4.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-4311" } ] }
opensuse-su-2024:10605-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
PackageKit-1.2.2-13.2 on GA media
Notes
Title of the patch
PackageKit-1.2.2-13.2 on GA media
Description of the patch
These are all security issues fixed in the PackageKit-1.2.2-13.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10605
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "PackageKit-1.2.2-13.2 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the PackageKit-1.2.2-13.2 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-10605", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10605-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2008-4311 page", "url": "https://www.suse.com/security/cve/CVE-2008-4311/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-1106 page", "url": "https://www.suse.com/security/cve/CVE-2018-1106/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-16121 page", "url": "https://www.suse.com/security/cve/CVE-2020-16121/" } ], "title": "PackageKit-1.2.2-13.2 on GA media", "tracking": { "current_release_date": "2024-06-15T00:00:00Z", "generator": { "date": "2024-06-15T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:10605-1", "initial_release_date": "2024-06-15T00:00:00Z", "revision_history": [ { "date": "2024-06-15T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "PackageKit-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-1.2.2-13.2.aarch64", "product_id": "PackageKit-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-backend-dnf-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-backend-dnf-1.2.2-13.2.aarch64", "product_id": "PackageKit-backend-dnf-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-backend-zypp-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-backend-zypp-1.2.2-13.2.aarch64", "product_id": "PackageKit-backend-zypp-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-branding-upstream-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-branding-upstream-1.2.2-13.2.aarch64", "product_id": "PackageKit-branding-upstream-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-devel-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-devel-1.2.2-13.2.aarch64", "product_id": "PackageKit-devel-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "product_id": "PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-gtk3-module-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-gtk3-module-1.2.2-13.2.aarch64", "product_id": "PackageKit-gtk3-module-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "PackageKit-lang-1.2.2-13.2.aarch64", "product": { "name": "PackageKit-lang-1.2.2-13.2.aarch64", "product_id": "PackageKit-lang-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-1.2.2-13.2.aarch64", "product": { "name": "libpackagekit-glib2-18-1.2.2-13.2.aarch64", "product_id": "libpackagekit-glib2-18-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "product": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "product_id": "libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "product": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "product_id": "libpackagekit-glib2-devel-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "product": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "product_id": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64" } }, { "category": "product_version", "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "product": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "product_id": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "PackageKit-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-1.2.2-13.2.ppc64le", "product_id": "PackageKit-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "product_id": "PackageKit-backend-dnf-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "product_id": "PackageKit-backend-zypp-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "product_id": "PackageKit-branding-upstream-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-devel-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-devel-1.2.2-13.2.ppc64le", "product_id": "PackageKit-devel-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "product_id": "PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "product_id": "PackageKit-gtk3-module-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "PackageKit-lang-1.2.2-13.2.ppc64le", "product": { "name": "PackageKit-lang-1.2.2-13.2.ppc64le", "product_id": "PackageKit-lang-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "product": { "name": "libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "product_id": "libpackagekit-glib2-18-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "product": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "product_id": "libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "product": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "product_id": "libpackagekit-glib2-devel-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "product": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "product_id": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le" } }, { "category": "product_version", "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "product": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "product_id": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "PackageKit-1.2.2-13.2.s390x", "product": { "name": "PackageKit-1.2.2-13.2.s390x", "product_id": "PackageKit-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-backend-dnf-1.2.2-13.2.s390x", "product": { "name": "PackageKit-backend-dnf-1.2.2-13.2.s390x", "product_id": "PackageKit-backend-dnf-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-backend-zypp-1.2.2-13.2.s390x", "product": { "name": "PackageKit-backend-zypp-1.2.2-13.2.s390x", "product_id": "PackageKit-backend-zypp-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-branding-upstream-1.2.2-13.2.s390x", "product": { "name": "PackageKit-branding-upstream-1.2.2-13.2.s390x", "product_id": "PackageKit-branding-upstream-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-devel-1.2.2-13.2.s390x", "product": { "name": "PackageKit-devel-1.2.2-13.2.s390x", "product_id": "PackageKit-devel-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "product": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "product_id": "PackageKit-gstreamer-plugin-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-gtk3-module-1.2.2-13.2.s390x", "product": { "name": "PackageKit-gtk3-module-1.2.2-13.2.s390x", "product_id": "PackageKit-gtk3-module-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "PackageKit-lang-1.2.2-13.2.s390x", "product": { "name": "PackageKit-lang-1.2.2-13.2.s390x", "product_id": "PackageKit-lang-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-1.2.2-13.2.s390x", "product": { "name": "libpackagekit-glib2-18-1.2.2-13.2.s390x", "product_id": "libpackagekit-glib2-18-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "product": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "product_id": "libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-1.2.2-13.2.s390x", "product": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.s390x", "product_id": "libpackagekit-glib2-devel-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "product": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "product_id": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x" } }, { "category": "product_version", "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "product": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "product_id": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "PackageKit-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-1.2.2-13.2.x86_64", "product_id": "PackageKit-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-backend-dnf-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-backend-dnf-1.2.2-13.2.x86_64", "product_id": "PackageKit-backend-dnf-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-backend-zypp-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-backend-zypp-1.2.2-13.2.x86_64", "product_id": "PackageKit-backend-zypp-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-branding-upstream-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-branding-upstream-1.2.2-13.2.x86_64", "product_id": "PackageKit-branding-upstream-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-devel-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-devel-1.2.2-13.2.x86_64", "product_id": "PackageKit-devel-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "product_id": "PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-gtk3-module-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-gtk3-module-1.2.2-13.2.x86_64", "product_id": "PackageKit-gtk3-module-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "PackageKit-lang-1.2.2-13.2.x86_64", "product": { "name": "PackageKit-lang-1.2.2-13.2.x86_64", "product_id": "PackageKit-lang-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-1.2.2-13.2.x86_64", "product": { "name": "libpackagekit-glib2-18-1.2.2-13.2.x86_64", "product_id": "libpackagekit-glib2-18-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "product": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "product_id": "libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "product": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "product_id": "libpackagekit-glib2-devel-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "product": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "product_id": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64" } }, { "category": "product_version", "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64", "product": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64", "product_id": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "PackageKit-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-dnf-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-backend-dnf-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-dnf-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-dnf-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-backend-dnf-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-dnf-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-backend-dnf-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-zypp-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-backend-zypp-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-zypp-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-zypp-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-backend-zypp-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-backend-zypp-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-backend-zypp-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-branding-upstream-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-branding-upstream-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-branding-upstream-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-branding-upstream-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-branding-upstream-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-branding-upstream-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-branding-upstream-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-devel-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-devel-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-devel-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-devel-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-devel-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-devel-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-devel-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-devel-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gtk3-module-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-gtk3-module-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gtk3-module-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gtk3-module-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-gtk3-module-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-gtk3-module-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-gtk3-module-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-lang-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64" }, "product_reference": "PackageKit-lang-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-lang-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le" }, "product_reference": "PackageKit-lang-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-lang-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x" }, "product_reference": "PackageKit-lang-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "PackageKit-lang-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64" }, "product_reference": "PackageKit-lang-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64" }, "product_reference": "libpackagekit-glib2-18-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le" }, "product_reference": "libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x" }, "product_reference": "libpackagekit-glib2-18-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64" }, "product_reference": "libpackagekit-glib2-18-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64" }, "product_reference": "libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le" }, "product_reference": "libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x" }, "product_reference": "libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64" }, "product_reference": "libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64" }, "product_reference": "libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le" }, "product_reference": "libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x" }, "product_reference": "libpackagekit-glib2-devel-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64" }, "product_reference": "libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64" }, "product_reference": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le" }, "product_reference": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x" }, "product_reference": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64" }, "product_reference": "libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64" }, "product_reference": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le" }, "product_reference": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x" }, "product_reference": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" }, "product_reference": "typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2008-4311", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2008-4311" } ], "notes": [ { "category": "general", "text": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2008-4311", "url": "https://www.suse.com/security/cve/CVE-2008-4311" }, { "category": "external", "summary": "SUSE Bug 443307 for CVE-2008-4311", "url": "https://bugzilla.suse.com/443307" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2008-4311" }, { "cve": "CVE-2018-1106", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-1106" } ], "notes": [ { "category": "general", "text": "An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-1106", "url": "https://www.suse.com/security/cve/CVE-2018-1106" }, { "category": "external", "summary": "SUSE Bug 1086936 for CVE-2018-1106", "url": "https://bugzilla.suse.com/1086936" }, { "category": "external", "summary": "SUSE Bug 1123722 for CVE-2018-1106", "url": "https://bugzilla.suse.com/1123722" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2018-1106" }, { "cve": "CVE-2020-16121", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-16121" } ], "notes": [ { "category": "general", "text": "PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2020-16121", "url": "https://www.suse.com/security/cve/CVE-2020-16121" }, { "category": "external", "summary": "SUSE Bug 1176930 for CVE-2020-16121", "url": "https://bugzilla.suse.com/1176930" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-dnf-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-backend-zypp-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-branding-upstream-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gstreamer-plugin-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-gtk3-module-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.s390x", "openSUSE Tumbleweed:PackageKit-lang-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-18-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.s390x", "openSUSE Tumbleweed:libpackagekit-glib2-devel-32bit-1.2.2-13.2.x86_64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.aarch64", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.ppc64le", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.s390x", "openSUSE Tumbleweed:typelib-1_0-PackageKitGlib-1_0-1.2.2-13.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "low" } ], "title": "CVE-2020-16121" } ] }
ghsa-hpmr-9r6f-w2rr
Vulnerability from github
Published
2022-05-02 00:08
Modified
2022-05-02 00:08
VLAI Severity ?
Details
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.
{ "affected": [], "aliases": [ "CVE-2008-4311" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2008-12-10T00:30:00Z", "severity": "MODERATE" }, "details": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.", "id": "GHSA-hpmr-9r6f-w2rr", "modified": "2022-05-02T00:08:51Z", "published": "2022-05-02T00:08:51Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4311" }, { "type": "WEB", "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" }, { "type": "WEB", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "type": "WEB", "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "type": "WEB", "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/33047" }, { "type": "WEB", "url": "http://secunia.com/advisories/33055" }, { "type": "WEB", "url": "http://secunia.com/advisories/34360" }, { "type": "WEB", "url": "http://secunia.com/advisories/34642" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/32674" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2008/3355" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2008-4311
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2008-4311", "description": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.", "id": "GSD-2008-4311", "references": [ "https://www.suse.com/security/cve/CVE-2008-4311.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2008-4311" ], "details": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.", "id": "GSD-2008-4311", "modified": "2023-12-13T01:22:59.911108Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-4311", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "name": "http://secunia.com/advisories/34642", "refsource": "MISC", "url": "http://secunia.com/advisories/34642" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "name": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" }, { "name": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532", "refsource": "MISC", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "name": "http://forums.fedoraforum.org/showthread.php?t=206797", "refsource": "MISC", "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "name": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html", "refsource": "MISC", "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "name": "http://secunia.com/advisories/33047", "refsource": "MISC", "url": "http://secunia.com/advisories/33047" }, { "name": "http://secunia.com/advisories/33055", "refsource": "MISC", "url": "http://secunia.com/advisories/33055" }, { "name": "http://secunia.com/advisories/34360", "refsource": "MISC", "url": "http://secunia.com/advisories/34360" }, { "name": "http://www.securityfocus.com/bid/32674", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/32674" }, { "name": "http://www.vupen.com/english/advisories/2008/3355", "refsource": "MISC", "url": "http://www.vupen.com/english/advisories/2008/3355" }, { "name": "https://bugs.freedesktop.org/show_bug.cgi?id=18229", "refsource": "MISC", "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=474895", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" }, { "name": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html", "refsource": "MISC", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.2.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:1.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.60:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-4311" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-16" } ] } ] }, "references": { "reference_data": [ { "name": "http://forums.fedoraforum.org/showthread.php?t=206797", "refsource": "CONFIRM", "tags": [], "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "name": "[dbus] 20081205 [CVE-2008-4311] DBus 1.2.6", "refsource": "MLIST", "tags": [], "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "name": "32674", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/32674" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=474895", "refsource": "CONFIRM", "tags": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "name": "FEDORA-2008-10907", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" }, { "name": "https://bugs.freedesktop.org/show_bug.cgi?id=18229", "refsource": "CONFIRM", "tags": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "name": "33047", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33047" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532", "refsource": "CONFIRM", "tags": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "name": "33055", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33055" }, { "name": "SUSE-SA:2009:013", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" }, { "name": "34360", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34360" }, { "name": "SUSE-SR:2009:008", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "name": "34642", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/34642" }, { "name": "SUSE-SR:2009:009", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "name": "ADV-2008-3355", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2008/3355" }, { "name": "openSUSE-SU-2012:1418", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "name": "dbus-sendreceive-security-bypass(47138)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2017-08-08T01:32Z", "publishedDate": "2008-12-10T00:30Z" } } }
fkie_cve-2008-4311
Vulnerability from fkie_nvd
Published
2008-12-10 00:30
Modified
2025-04-09 00:30
Severity ?
Summary
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freedesktop:dbus:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA717BEA-178B-462B-A6D7-D355366F5A2C", "versionEndIncluding": "1.2.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A2945FB-BDB8-49B7-BA9A-2BB390345FED", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FE08E05-948A-4A9C-BA91-B2935355D3CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A3D5A-8823-4365-83B9-1E370C131F3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6262F9B-30B5-4A7E-AC49-B9221B06CA4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C2F4A579-8F26-47CF-9AE0-41334A9751AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "E12E1141-5FE4-43BF-B3A0-DC45C593F880", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B04817C0-14A2-4B75-8747-691D48E70BAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "09C8C79E-AE58-48AE-89DB-E84637543783", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "ED4ECF06-79CC-4142-BE6A-AF4E1E981543", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A87CC329-AF59-4882-82E1-851C4E0BB0B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.11:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA4ACC-9166-491C-A8D4-A5418F3B0965", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.12:*:*:*:*:*:*:*", "matchCriteriaId": "084A8212-B0FC-41BA-9532-080E8F92B949", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.13:*:*:*:*:*:*:*", "matchCriteriaId": "0EB88CDF-0C71-4FE7-9210-C43EBE806416", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.20:*:*:*:*:*:*:*", "matchCriteriaId": "0D84E94E-18EB-4276-AF55-2FB9850B08CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.21:*:*:*:*:*:*:*", "matchCriteriaId": "0C6D0AAC-7F4B-48FF-9ACB-8C8844BDD722", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "5FD40B16-FF56-4C23-B8A9-D79433713F35", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.23:*:*:*:*:*:*:*", "matchCriteriaId": "C5A81FE8-37A0-46CE-AAA4-F00CF4122C71", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8815B87-7910-4E41-AB28-AEAD9F53475A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.23.2:*:*:*:*:*:*:*", "matchCriteriaId": "DCEF7E9B-3F19-48CF-862B-B5935824A4C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.23.3:*:*:*:*:*:*:*", "matchCriteriaId": "1FB32F7B-8616-40F5-8D94-4FC97F6AD958", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.31:*:*:*:*:*:*:*", "matchCriteriaId": "4EC42FAD-C541-4D91-BDF6-62AA1C894B42", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.32:*:*:*:*:*:*:*", "matchCriteriaId": "FAECF21B-68AF-47D8-9540-BB0001087881", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "30D0DE09-5F83-423B-AD86-033005D35994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "D6618ACC-B506-4A92-BE4F-346FAC29D24F", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "BB406736-7185-4E0A-ACC6-4F79AB312FA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.35.1:*:*:*:*:*:*:*", "matchCriteriaId": "18867CA7-E4AE-4312-A6E8-0CC514FCF063", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.35.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C443F3D-5BD0-4E89-99F1-1BC0798666F9", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "2DA75AB4-4ADF-4E42-8840-B044DC4D9FFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.36.1:*:*:*:*:*:*:*", "matchCriteriaId": "D809A431-7BA6-4C9F-8644-33A14389B289", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.36.2:*:*:*:*:*:*:*", "matchCriteriaId": "732CD552-3E19-4389-B426-77D5B473866F", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.50:*:*:*:*:*:*:*", "matchCriteriaId": "1702AE33-38F4-40C5-B448-C863A7E95553", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.60:*:*:*:*:*:*:*", "matchCriteriaId": "3801D383-91A6-4F2F-87D5-32882005BF58", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.61:*:*:*:*:*:*:*", "matchCriteriaId": "2392266A-BE81-4494-81C3-942ED56B0558", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.62:*:*:*:*:*:*:*", "matchCriteriaId": "BCCA6868-E09D-4616-A9A8-EF63F20C981D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "60B6DA02-F08B-4ACE-8F93-F869467BC628", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "3B4E7E9B-722E-4EE1-A435-906DE07BEB2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "BEF4902A-5598-42B7-8BB0-E9F8AB645D59", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9DEF0BA7-4EE6-482A-BFE4-A159A7C329AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "E93056D8-497A-4C08-B3FA-8372A92A6ACA", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "0380A55A-541E-450B-8092-280BD5DA736D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "C55E6EEB-A408-45F5-AF95-37DBDEBA17EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C9908FE-6B10-41BF-ADE2-1639CAC1340E", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA34903A-9D38-46FF-B702-D6BEECA96031", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "39753912-8A2D-49B0-B90B-43DAF723B34A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freedesktop:dbus:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "11FF206A-8E96-40A2-9687-E0C4F00F020F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and possibly (2) receiving messages, related to receive_requested_reply." }, { "lang": "es", "value": "La configuraci\u00f3n por defecto de system.conf en \r\nD-Bus (alias DBus) y versiones anteriores a 1.2.6 omite el atributo send_type en ciertas reglas, el cual permite a los usuarios locales evitar las restricciones de acceso (1) enviando mensajes, en relaci\u00f3n a send_requested_reply; y posiblemente (2) recibiendo mensajes, relativos a receive_requested_reply." } ], "id": "CVE-2008-4311", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-12-10T00:30:00.220", "references": [ { "source": "secalert@redhat.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "source": "secalert@redhat.com", "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "source": "secalert@redhat.com", "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33047" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33055" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/34360" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/34642" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/32674" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/3355" }, { "source": "secalert@redhat.com", "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://forums.fedoraforum.org/showthread.php?t=206797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.freedesktop.org/archives/dbus/2008-December/010702.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/32674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/3355" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.freedesktop.org/show_bug.cgi?id=18229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474895" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00436.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-16" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…