openSUSE-SU-2018:0398-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:0398-1.json

JSON Data

https://api.osv.dev/v1/vulns/openSUSE-SU-2018:0398-1

Related

Published

2018-02-08T08:16:14Z

Modified

2025-05-02T04:30:00.254894Z

Upstream

CVE-2018-6790

CVE-2018-6791

Summary

Security update for plasma5-workspace

Details

This update for plasma5-workspace fixes security issues and bugs.

The following vulnerabilities were fixed:

CVE-2018-6790: Desktop notifications could have been used to load arbitrary remote images into Plasma, allowing for client IP discovery (boo#1079429)
CVE-2018-6791: A specially crafted file system label may have allowed execution of arbitrary code (boo#1079751)

The following bugs were fixed:

Plasma could freeze with certain notifications (boo#1013550)

References

Affected packages

SUSE:Package Hub 12 SP3 / plasma5-workspace

Package

Name: plasma5-workspace
Purl: pkg:rpm/suse/plasma5-workspace&distro=SUSE%20Package%20Hub%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.8.7-8.1

Ecosystem specific

{
    "binaries": [
        {
            "drkonqi5": "5.8.7-8.1",
            "plasma5-workspace-devel": "5.8.7-8.1",
            "plasma5-workspace": "5.8.7-8.1",
            "plasma5-workspace-lang": "5.8.7-8.1",
            "plasma5-workspace-libs": "5.8.7-8.1"
        }
    ]
}