Security update for dbus-1 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1604-1 Final 1 1 2019-06-24T10:18:47Z current 2019-06-24T10:18:47Z 2019-06-24T10:18:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for dbus-1 This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication (bsc#1137832). This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1604 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00059.html E-Mail link for openSUSE-SU-2019:1604-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1082318 SUSE Bug 1082318 https://bugzilla.suse.com/1137832 SUSE Bug 1137832 https://www.suse.com/security/cve/CVE-2019-12749/ SUSE CVE CVE-2019-12749 page openSUSE Leap 15.0 dbus-1-1.12.2-lp150.2.3.1 dbus-1-devel-1.12.2-lp150.2.3.1 dbus-1-devel-32bit-1.12.2-lp150.2.3.1 dbus-1-devel-doc-1.12.2-lp150.2.3.1 dbus-1-x11-1.12.2-lp150.2.3.1 libdbus-1-3-1.12.2-lp150.2.3.1 libdbus-1-3-32bit-1.12.2-lp150.2.3.1 dbus-1-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 dbus-1-devel-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 dbus-1-devel-32bit-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 dbus-1-devel-doc-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 dbus-1-x11-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 libdbus-1-3-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 libdbus-1-3-32bit-1.12.2-lp150.2.3.1 as a component of openSUSE Leap 15.0 dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. CVE-2019-12749 openSUSE Leap 15.0:dbus-1-1.12.2-lp150.2.3.1 openSUSE Leap 15.0:dbus-1-devel-1.12.2-lp150.2.3.1 openSUSE Leap 15.0:dbus-1-devel-32bit-1.12.2-lp150.2.3.1 openSUSE Leap 15.0:dbus-1-devel-doc-1.12.2-lp150.2.3.1 openSUSE Leap 15.0:dbus-1-x11-1.12.2-lp150.2.3.1 openSUSE Leap 15.0:libdbus-1-3-1.12.2-lp150.2.3.1 openSUSE Leap 15.0:libdbus-1-3-32bit-1.12.2-lp150.2.3.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00059.html https://www.suse.com/security/cve/CVE-2019-12749.html CVE-2019-12749 https://bugzilla.suse.com/1137832 SUSE Bug 1137832