[ALSA-2020:1766] Moderate: GNOME security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2021-11-12
Description:
GNOME is the default desktop environment of AlmaLinux. Security Fix(es): * LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (CVE-2018-20337) * gdm: lock screen bypass when timed login is enabled (CVE-2019-3825) * gvfs: mishandling of file ownership in daemon/gvfsbackendadmin.c (CVE-2019-12447) * gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing query_info_on_read/write (CVE-2019-12448) * gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges (CVE-2019-12449) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 clutter-doc-1.26.2-8.el8.aarch64.rpm 2f39971682d13c5388c34fc7420501e7ae0ee1e810a76e891caed2e51babea90
aarch64 mozjs60-devel-60.9.0-4.el8.aarch64.rpm 2fcc7c993d8d65371087b229d65caab0001866a3d177db9bb42ad1f1ebf27a71
aarch64 gnome-menus-3.13.3-11.el8.aarch64.rpm 4840f718e2f6b32e4ac2babba0b51c06457474308fba24ba8afc0d9f09a71517
aarch64 baobab-3.28.0-4.el8.aarch64.rpm 7f489b34f7bf148f7306795afa1418c49c154734221a4d284bc6cd587a2dcaf0
aarch64 mozjs52-52.9.0-2.el8.aarch64.rpm 98e340aff70fdc117168ad11cd8b15cc7435b9a7347869ca5459c33c8fced779
aarch64 clutter-devel-1.26.2-8.el8.aarch64.rpm b5d45aba30f6224eab8fab62a5b95883abc9b70e9c9ef9cca71457f76c17ebc7
aarch64 clutter-1.26.2-8.el8.aarch64.rpm c07b548271dcc8b754804252836678835239d2c7dc14b2e1786e74013804b89b
aarch64 mozjs60-60.9.0-4.el8.aarch64.rpm e726bf8b4d267ee81caef4d9616b1b1faaf60afe267c869da5346b8c25e023a7
aarch64 mozjs52-devel-52.9.0-2.el8.aarch64.rpm e7b0fabb8b14cc01ac477ebb149cad9202d7f1a8713ddbbf3607ae75693d0ede
aarch64 gnome-menus-devel-3.13.3-11.el8.aarch64.rpm f135d21d3dbd44f1e0bd762d1530df90fb77f3b6c2a1893f8cac586ef6140cb7
i686 gjs-devel-1.56.2-4.el8.i686.rpm 349cfbbebfd0fa901e7a3940bf7215af1a90e9362b996e20ec8e95b07837b423
i686 mozjs52-devel-52.9.0-2.el8.i686.rpm 6bc80be3fa0d73a7130f447b33a61181b5d5128d06a4b3ab801baa951cad8086
i686 clutter-devel-1.26.2-8.el8.i686.rpm 6bcdd54bf1856e09f47d34870851fbb9ff50ad2dafe67254d1f183a89ef3af8c
i686 gnome-menus-3.13.3-11.el8.i686.rpm 6c59842308b6b391a551e0ffd865784cd353276d796b6e76680423b2f49f3281
i686 mozjs60-devel-60.9.0-4.el8.i686.rpm 8fac2a3a00dbfec3eb2344bc112f76acc3e4a8013b958fc8a80ce319e751226d
i686 vala-0.40.19-1.el8.i686.rpm 93138300f1fed4675186536ac2ea598c049572fc6787bacdd1b22ad7560c5104
i686 clutter-1.26.2-8.el8.i686.rpm 96e35afd6d534cb044440bd87ea947f063ae677cf8694c279b5652c78712b7df
i686 accountsservice-devel-0.6.50-8.el8.i686.rpm b08cd92df783298a6bb23cff26171e6be307736ffd5954433f0c54b0b116e005
i686 vala-devel-0.40.19-1.el8.i686.rpm cc77cfcbbd11695b51ef0e8e704fad4a609e40121ba1864875bb22928c4b527e
i686 gnome-menus-devel-3.13.3-11.el8.i686.rpm d01446861f2e5b46f66e7a0d3cad782d42cc204d16309f4cf08a1518e1c8dd29
noarch gnome-tweaks-3.28.1-7.el8.noarch.rpm c81e864ff35743514cd46f380b65bec1ebcb28fc261a0ccb1e1567113872546a
ppc64le mozjs52-devel-52.9.0-2.el8.alma.ppc64le.rpm 096778b4a28513f7bbddf14f3c2dcddfa45d8ebe237604541a5671b7bb1bdd9a
ppc64le clutter-1.26.2-8.el8.ppc64le.rpm 2b90d163aaa70c5bfcb3012173c82d54120b0ceeeecc8364cc5992e9be385d92
ppc64le gnome-menus-devel-3.13.3-11.el8.ppc64le.rpm 48e5e3bb80c23876e0a41718c42ca1cdd6093029265d9907baa77fd05290a5ac
ppc64le mozjs52-52.9.0-2.el8.alma.ppc64le.rpm 78a1594f7a2e286e08db6caeb0bb81ce7c46f43e701f9b265b2ceb0be1a458b8
ppc64le baobab-3.28.0-4.el8.ppc64le.rpm 8e522dc5fd9a4ebb175ca0363be8cd6540d7acd4ca1511554b3153b083d849fb
ppc64le clutter-devel-1.26.2-8.el8.ppc64le.rpm 94d8333d7dc8fdbd551654638c67a1e6b91cb56317c04a6c4cbd2e8e32debd14
ppc64le mozjs60-devel-60.9.0-4.el8.alma.ppc64le.rpm ac23ce2dd44563dad6f2fdd361c289ab3017b5f07bdbcff45ce4c093bfe2579c
ppc64le gnome-menus-3.13.3-11.el8.ppc64le.rpm d2ad722673f272f045f04cbf1fd254b6c35b674a6589a6656d1b5085560165f6
ppc64le mozjs60-60.9.0-4.el8.alma.ppc64le.rpm d8fa17ca6154828bc53b4c8c5bfcd5f69561b248f737baa6b9e1242d929a15b5
ppc64le clutter-doc-1.26.2-8.el8.ppc64le.rpm e71c106e6397fd09d61cadbfae833b25a6f22bb272e84f16d89227e0f1eab60e
x86_64 clutter-1.26.2-8.el8.x86_64.rpm 050d78b1b3946460e64b18ab90f478a167ce90d2f859204092267ff5c7b09ac4
x86_64 vala-0.40.19-1.el8.x86_64.rpm 29ed7e032a1a8f966c069814188f4ee5d7671762261a80af26e5f73187888c54
x86_64 accountsservice-devel-0.6.50-8.el8.x86_64.rpm 39844719e5169607803c2d89a06164f90e6b3894b4219564e4422ce730872ea2
x86_64 gnome-menus-3.13.3-11.el8.x86_64.rpm 3a6ca94d54398f89805817c5334a355124c152e04ad6eb911200aa2609947687
x86_64 baobab-3.28.0-4.el8.x86_64.rpm 4e03ef70171dafc26c25d849cf08161a21eb5201c2d0c5d136c74b1b4bcae76b
x86_64 mozjs52-devel-52.9.0-2.el8.x86_64.rpm 685f009107485ec920db4360c44f01cb33cfff984d678ef986b2f9e164983641
x86_64 mozjs60-devel-60.9.0-4.el8.x86_64.rpm 7189aecf72771dde71b651298db93160cf15d46cefa98d93db6c311db728c90a
x86_64 gnome-menus-devel-3.13.3-11.el8.x86_64.rpm 81620071d46e3d94c1d28c452ca3f7d71960c1143306d6d4582c31e9dc0410bc
x86_64 mozjs52-52.9.0-2.el8.x86_64.rpm 872a1d732e93a341ec5eb320bfd2ec17f9cee5f83ef71971798c91cfbc06c93e
x86_64 clutter-doc-1.26.2-8.el8.x86_64.rpm b181d866166cde2078f089da89a27c928def4c1197693f7cb9ff9134bb4a7732
x86_64 vala-devel-0.40.19-1.el8.x86_64.rpm cbefdc01ca0380f56c49833b9d6819dd939bc21fa553ec5062ef389c45d394b6
x86_64 gjs-devel-1.56.2-4.el8.x86_64.rpm ce86b010904f170105efb422bdd487916c05d663cbb183b15b5a5937c0a4aad5
x86_64 mozjs60-60.9.0-4.el8.x86_64.rpm e09a084e686fa4f90a7a6658215421ce9ada1b443b13d117c6ee47e19eae6a7c
x86_64 clutter-devel-1.26.2-8.el8.x86_64.rpm e3a9a98dd74f8dbbcf5b859be5f43b13720fe3bbd90e60af9f151a34437d7152
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.