ALSA-2020:4451
- Source
- https://errata.almalinux.org/8/ALSA-2020-4451.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4451.json
- Related
-
- CVE-2019-8625
- CVE-2019-8710
- CVE-2019-8720
- CVE-2019-8743
- CVE-2019-8764
- CVE-2019-8766
- CVE-2019-8769
- CVE-2019-8771
- CVE-2019-8782
- CVE-2019-8783
- CVE-2019-8808
- CVE-2019-8811
- CVE-2019-8812
- CVE-2019-8813
- CVE-2019-8814
- CVE-2019-8815
- CVE-2019-8816
- CVE-2019-8819
- CVE-2019-8820
- CVE-2019-8823
- CVE-2019-8835
- CVE-2019-8844
- CVE-2019-8846
- CVE-2020-10018
- CVE-2020-11793
- CVE-2020-14391
- CVE-2020-15503
- CVE-2020-3862
- CVE-2020-3864
- CVE-2020-3865
- CVE-2020-3867
- CVE-2020-3868
- CVE-2020-3885
- CVE-2020-3894
- CVE-2020-3895
- CVE-2020-3897
- CVE-2020-3899
- CVE-2020-3900
- CVE-2020-3901
- CVE-2020-3902
- CVE-2020-9802
- CVE-2020-9803
- CVE-2020-9805
- CVE-2020-9806
- CVE-2020-9807
- CVE-2020-9843
- CVE-2020-9850
- CVE-2020-9862
- CVE-2020-9893
- CVE-2020-9894
- CVE-2020-9895
- CVE-2020-9915
- CVE-2020-9925
- Published
- 2020-11-03T12:05:56Z
- Modified
- 2021-11-12T10:20:56Z
- Summary
- Moderate: GNOME security, bug fix, and enhancement update
- Details
-
GNOME is the default desktop environment of AlmaLinux.
The following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)
Security Fix(es):
webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)
gnome-settings-daemon: AlmaLinux Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)
LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
-
- https://errata.almalinux.org/8/ALSA-2020-4451.html
- https://vulners.com/cve/CVE-2019-8625
- https://vulners.com/cve/CVE-2019-8710
- https://vulners.com/cve/CVE-2019-8720
- https://vulners.com/cve/CVE-2019-8743
- https://vulners.com/cve/CVE-2019-8764
- https://vulners.com/cve/CVE-2019-8766
- https://vulners.com/cve/CVE-2019-8769
- https://vulners.com/cve/CVE-2019-8771
- https://vulners.com/cve/CVE-2019-8782
- https://vulners.com/cve/CVE-2019-8783
- https://vulners.com/cve/CVE-2019-8808
- https://vulners.com/cve/CVE-2019-8811
- https://vulners.com/cve/CVE-2019-8812
- https://vulners.com/cve/CVE-2019-8813
- https://vulners.com/cve/CVE-2019-8814
- https://vulners.com/cve/CVE-2019-8815
- https://vulners.com/cve/CVE-2019-8816
- https://vulners.com/cve/CVE-2019-8819
- https://vulners.com/cve/CVE-2019-8820
- https://vulners.com/cve/CVE-2019-8823
- https://vulners.com/cve/CVE-2019-8835
- https://vulners.com/cve/CVE-2019-8844
- https://vulners.com/cve/CVE-2019-8846
- https://vulners.com/cve/CVE-2020-10018
- https://vulners.com/cve/CVE-2020-11793
- https://vulners.com/cve/CVE-2020-14391
- https://vulners.com/cve/CVE-2020-15503
- https://vulners.com/cve/CVE-2020-3862
- https://vulners.com/cve/CVE-2020-3864
- https://vulners.com/cve/CVE-2020-3865
- https://vulners.com/cve/CVE-2020-3867
- https://vulners.com/cve/CVE-2020-3868
- https://vulners.com/cve/CVE-2020-3885
- https://vulners.com/cve/CVE-2020-3894
- https://vulners.com/cve/CVE-2020-3895
- https://vulners.com/cve/CVE-2020-3897
- https://vulners.com/cve/CVE-2020-3899
- https://vulners.com/cve/CVE-2020-3900
- https://vulners.com/cve/CVE-2020-3901
- https://vulners.com/cve/CVE-2020-3902
- https://vulners.com/cve/CVE-2020-9802
- https://vulners.com/cve/CVE-2020-9803
- https://vulners.com/cve/CVE-2020-9805
- https://vulners.com/cve/CVE-2020-9806
- https://vulners.com/cve/CVE-2020-9807
- https://vulners.com/cve/CVE-2020-9843
- https://vulners.com/cve/CVE-2020-9850
- https://vulners.com/cve/CVE-2020-9862
- https://vulners.com/cve/CVE-2020-9893
- https://vulners.com/cve/CVE-2020-9894
- https://vulners.com/cve/CVE-2020-9895
- https://vulners.com/cve/CVE-2020-9915
- https://vulners.com/cve/CVE-2020-9925
- https://vulners.com/cve/CVE-2020-9952
- https://vulners.com/cve/CVE-2021-30666
- https://vulners.com/cve/CVE-2021-30761
- https://vulners.com/cve/CVE-2021-30762
Affected packages
AlmaLinux:8 / LibRaw-devel
Package
- Name
- LibRaw-devel
AlmaLinux:8 / PackageKit
Package
- Name
- PackageKit
AlmaLinux:8 / PackageKit-command-not-found
Package
- Name
- PackageKit-command-not-found
AlmaLinux:8 / PackageKit-cron
Package
- Name
- PackageKit-cron
AlmaLinux:8 / PackageKit-glib
Package
- Name
- PackageKit-glib
AlmaLinux:8 / PackageKit-glib-devel
Package
- Name
- PackageKit-glib-devel
AlmaLinux:8 / PackageKit-gstreamer-plugin
Package
- Name
- PackageKit-gstreamer-plugin
AlmaLinux:8 / PackageKit-gtk3-module
Package
- Name
- PackageKit-gtk3-module
AlmaLinux:8 / dleyna-renderer
Package
- Name
- dleyna-renderer
AlmaLinux:8 / frei0r-devel
Package
- Name
- frei0r-devel
AlmaLinux:8 / frei0r-plugins
Package
- Name
- frei0r-plugins
AlmaLinux:8 / frei0r-plugins-opencv
Package
- Name
- frei0r-plugins-opencv
AlmaLinux:8 / gnome-remote-desktop
Package
- Name
- gnome-remote-desktop
AlmaLinux:8 / gtk-doc
Package
- Name
- gtk-doc
AlmaLinux:8 / gvfs
Package
- Name
- gvfs
AlmaLinux:8 / libsoup
Package
- Name
- libsoup
AlmaLinux:8 / libsoup-devel
Package
- Name
- libsoup-devel
AlmaLinux:8 / mutter-devel
Package
- Name
- mutter-devel
AlmaLinux:8 / nautilus
Package
- Name
- nautilus
AlmaLinux:8 / nautilus-devel
Package
- Name
- nautilus-devel
AlmaLinux:8 / pipewire
Package
- Name
- pipewire
AlmaLinux:8 / pipewire-devel
Package
- Name
- pipewire-devel
AlmaLinux:8 / pipewire-doc
Package
- Name
- pipewire-doc
AlmaLinux:8 / pipewire-libs
Package
- Name
- pipewire-libs
AlmaLinux:8 / pipewire-utils
Package
- Name
- pipewire-utils
AlmaLinux:8 / pipewire0.2-devel
Package
- Name
- pipewire0.2-devel
AlmaLinux:8 / pipewire0.2-libs
Package
- Name
- pipewire0.2-libs
AlmaLinux:8 / potrace
Package
- Name
- potrace
AlmaLinux:8 / pygobject3-devel
Package
- Name
- pygobject3-devel
AlmaLinux:8 / python3-gobject
Package
- Name
- python3-gobject
AlmaLinux:8 / python3-gobject-base
Package
- Name
- python3-gobject-base
AlmaLinux:8 / tracker
Package
- Name
- tracker
AlmaLinux:8 / tracker-devel
Package
- Name
- tracker-devel
AlmaLinux:8 / vte-profile
Package
- Name
- vte-profile
AlmaLinux:8 / vte291
Package
- Name
- vte291
AlmaLinux:8 / vte291-devel
Package
- Name
- vte291-devel
AlmaLinux:8 / webrtc-audio-processing
Package
- Name
- webrtc-audio-processing