Security update for plasma5-workspace SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0397-1 Final 1 1 2018-02-08T08:16:14Z current 2018-02-08T08:16:14Z 2018-02-08T08:16:14Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for plasma5-workspace This update for plasma5-workspace fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2018-6790: Desktop notifications could have been used to load arbitrary remote images into Plasma, allowing for client IP discovery (boo#1079429) - CVE-2018-6791: A specially crafted file system label may have allowed execution of arbitrary code (boo#1079751) The following bugs were fixed: - Plasma could freeze with certain notifications (boo#1013550) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2018-147 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BT2QPNOSYGV4PRT6334ZOQQEDV2F6DFL/#BT2QPNOSYGV4PRT6334ZOQQEDV2F6DFL E-Mail link for openSUSE-SU-2018:0397-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1013550 SUSE Bug 1013550 https://bugzilla.suse.com/1079429 SUSE Bug 1079429 https://bugzilla.suse.com/1079751 SUSE Bug 1079751 https://www.suse.com/security/cve/CVE-2018-6790/ SUSE CVE CVE-2018-6790 page https://www.suse.com/security/cve/CVE-2018-6791/ SUSE CVE CVE-2018-6791 page SUSE Package Hub 12 SP3 drkonqi5-5.8.7-8.1 plasma5-workspace-5.8.7-8.1 plasma5-workspace-devel-5.8.7-8.1 plasma5-workspace-lang-5.8.7-8.1 plasma5-workspace-libs-5.8.7-8.1 drkonqi5-5.8.7-8.1 as a component of SUSE Package Hub 12 SP3 plasma5-workspace-5.8.7-8.1 as a component of SUSE Package Hub 12 SP3 plasma5-workspace-devel-5.8.7-8.1 as a component of SUSE Package Hub 12 SP3 plasma5-workspace-lang-5.8.7-8.1 as a component of SUSE Package Hub 12 SP3 plasma5-workspace-libs-5.8.7-8.1 as a component of SUSE Package Hub 12 SP3 An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element. CVE-2018-6790 SUSE Package Hub 12 SP3:drkonqi5-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-devel-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-lang-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-libs-5.8.7-8.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BT2QPNOSYGV4PRT6334ZOQQEDV2F6DFL/#BT2QPNOSYGV4PRT6334ZOQQEDV2F6DFL https://www.suse.com/security/cve/CVE-2018-6790.html CVE-2018-6790 https://bugzilla.suse.com/1079429 SUSE Bug 1079429 An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder. CVE-2018-6791 SUSE Package Hub 12 SP3:drkonqi5-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-devel-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-lang-5.8.7-8.1 SUSE Package Hub 12 SP3:plasma5-workspace-libs-5.8.7-8.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BT2QPNOSYGV4PRT6334ZOQQEDV2F6DFL/#BT2QPNOSYGV4PRT6334ZOQQEDV2F6DFL https://www.suse.com/security/cve/CVE-2018-6791.html CVE-2018-6791 https://bugzilla.suse.com/1079751 SUSE Bug 1079751