Security update for gnuhealth SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:0534-1 Final 1 1 2020-04-17T10:15:42Z current 2020-04-17T10:15:42Z 2020-04-17T10:15:42Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gnuhealth This update for gnuhealth fixes the following issues: - Fixed a local privilege escalation in gnuhealth-control, use of static tmp file/http transport (bsc#1167126) - Fixed a local DoS of backup functionality in gnuhealth-control due to use of static tmp files (bsc#1167128) This update was imported from the openSUSE:Leap:15.1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-534 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DANL66BPH4W4SPQ64Q3JI7TIH7CSU7QN/ E-Mail link for openSUSE-SU-2020:0534-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1167126 SUSE Bug 1167126 https://bugzilla.suse.com/1167128 SUSE Bug 1167128 SUSE Package Hub 15 SP1 gnuhealth-3.4.1-bp151.3.9.4 gnuhealth-3.4.1-bp151.3.9.4 as a component of SUSE Package Hub 15 SP1