openSUSE Security Update : syncthing / syncthing-gtk (openSUSE-2017-30)

medium Nessus Plugin ID 96375

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This updates syncthing to version 0.14.16 and fixes the following issues :

The following security issue was fixed :

- A remote device that was already accepted by syncthing could perform arbitrary reads and writes outside of the configured directories (boo#1016161) This update also contains a number of upstream improvements in the 0.14.14 version, including :

- improved performance

- UI improvements

- prevention of data inconsistencies syncthing-gtk was updated to 0.9.2.3 to fix reading the configuration with non-ASCII locales. The new version is compatible with syncthing 0.14.x and includes various improvement and fixes.

Solution

Update the affected syncthing / syncthing-gtk packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1016161

Plugin Details

Severity: Medium

ID: 96375

File Name: openSUSE-2017-30.nasl

Version: 3.3

Type: local

Agent: unix

Published: 1/10/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:syncthing, p-cpe:/a:novell:opensuse:syncthing-gtk, p-cpe:/a:novell:opensuse:syncthing-gtk-lang, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 1/7/2017