Bug 1137835 - (CVE-2019-12779) VUL-0: CVE-2019-12779: libqb: insecure treatment of IPC (temporary) files
(CVE-2019-12779)
VUL-0: CVE-2019-12779: libqb: insecure treatment of IPC (temporary) files
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Yan Gao
Security Team bot
https://smash.suse.de/issue/234606/
CVSSv3:SUSE:CVE-2019-12779:6.5:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-06-11 08:48 UTC by Alexander Bergmann
Modified: 2022-04-28 12:55 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
gabriele.sonnu: needinfo? (ygao)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 4 Swamp Workflow Management 2019-07-09 19:19:47 UTC
SUSE-SU-2019:1791-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1137835
CVE References: CVE-2019-12779
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    libqb-1.0.3+20190326.a521604-3.3.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    libqb-1.0.3+20190326.a521604-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 5 Swamp Workflow Management 2019-07-10 13:16:12 UTC
SUSE-SU-2019:1806-1: An update that solves one vulnerability and has three fixes is now available.

Category: security (important)
Bug References: 1069468,1074327,1098449,1137835
CVE References: CVE-2019-12779
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    libdlm-4.0.7-3.3.2, libqb-1.0.3+20171226.6d62b64-4.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    libdlm-4.0.7-3.3.2, libqb-1.0.3+20171226.6d62b64-4.3.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    libdlm-4.0.7-3.3.2, libqb-1.0.3+20171226.6d62b64-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2019-07-10 19:11:34 UTC
SUSE-SU-2019:1812-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1137835
CVE References: CVE-2019-12779
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    libqb-1.0.3+20171226.6d62b64-3.3.1
SUSE Linux Enterprise High Availability 15 (src):    libqb-1.0.3+20171226.6d62b64-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2019-07-19 10:30:46 UTC
openSUSE-SU-2019:1718-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1137835
CVE References: CVE-2019-12779
Sources used:
openSUSE Leap 15.0 (src):    libqb-1.0.3+20171226.6d62b64-lp150.2.3.1
Comment 8 Swamp Workflow Management 2019-07-20 10:28:17 UTC
openSUSE-SU-2019:1752-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1137835
CVE References: CVE-2019-12779
Sources used:
openSUSE Leap 15.1 (src):    libqb-1.0.3+20190326.a521604-lp151.2.3.1
Comment 9 Swamp Workflow Management 2019-08-14 22:12:12 UTC
openSUSE-SU-2019:1891-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1137835
CVE References: CVE-2019-12779
Sources used:
openSUSE Backports SLE-15-SP1 (src):    libqb-1.0.3+20190326.a521604-bp151.2.3.1