openSUSE Security Update : plasma5-workspace (openSUSE-2018-147)

This script is Copyright (C) 2018 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for plasma5-workspace fixes security issues and bugs.

The following vulnerabilities were fixed :

- CVE-2018-6790: Desktop notifications could have been
used to load arbitrary remote images into Plasma,
allowing for client IP discovery (boo#1079429)

- CVE-2018-6791: A specially crafted file system label may
have allowed execution of arbitrary code (boo#1079751)

The following bugs were fixed :

- Plasma could freeze with certain notifications
(boo#1013550)

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1013550
https://bugzilla.opensuse.org/show_bug.cgi?id=1079429
https://bugzilla.opensuse.org/show_bug.cgi?id=1079751

Solution :

Update the affected plasma5-workspace packages.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 106702 ()

Bugtraq ID:

CVE ID: CVE-2018-6790
CVE-2018-6791

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now