Bugzilla – Bug 1152763
VUL-0: CVE-2019-3695: pcp: LPE from pcp user to root in %post
Last modified: 2021-02-23 00:54:15 UTC
+++ This bug was initially created as a clone of Bug #1152533 +++ in pcp.spec 2610 %post 2611 PCP_LOG_DIR=%{_logsdir} 2612 PCP_PMNS_DIR=%{_pmnsdir} 2613 # restore saved configs, if any 2614 test -s "$PCP_LOG_DIR/configs.sh" && source "$PCP_LOG_DIR/configs.sh" allows escalation of user pcp to root Reproducer as pcp: echo 'touch /owned' > /var/log/pcp/configs.sh as root: zypper in -f pcp ls -lah /owned -rw-r--r-- 1 root root 0 Oct 2 12:00 /owned
Public and released to all codestreams
SUSE-SU-2020:0355-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1129991,1152763,1153921 CVE References: CVE-2019-3695,CVE-2019-3696 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): pcp-4.3.1-3.5.3 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): pcp-4.3.1-3.5.3 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:0356-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1129991,1152763,1153921 CVE References: CVE-2019-3695,CVE-2019-3696 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): pcp-3.11.9-6.14.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): pcp-3.11.9-6.14.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:0357-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1129991,1152763,1153921 CVE References: CVE-2019-3695,CVE-2019-3696 Sources used: SUSE Linux Enterprise Server for SAP 15 (src): pcp-3.11.9-5.8.1 SUSE Linux Enterprise Server 15-LTSS (src): pcp-3.11.9-5.8.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): pcp-3.11.9-5.8.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): pcp-3.11.9-5.8.1 SUSE Linux Enterprise Module for Development Tools 15 (src): pcp-3.11.9-5.8.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): pcp-3.11.9-5.8.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): pcp-3.11.9-5.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:0213-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1129991,1152763,1153921 CVE References: CVE-2019-3695,CVE-2019-3696 Sources used: openSUSE Leap 15.1 (src): pcp-4.3.1-lp151.2.3.1
this still is in Factory, can you please fix it there? Then we should be done here. Thanks
(In reply to Johannes Segitz from comment #16) > this still is in Factory, can you please fix it there? Then we should be > done here. Thanks Factory is fixed, closing.