libgnomesu-2.0.0-2.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10076-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libgnomesu-2.0.0-2.3 on GA media These are all security issues fixed in the libgnomesu-2.0.0-2.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10076 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2011-1946/ SUSE CVE CVE-2011-1946 page openSUSE Tumbleweed libgnomesu-2.0.0-2.3 libgnomesu-devel-2.0.0-2.3 libgnomesu-lang-2.0.0-2.3 libgnomesu0-2.0.0-2.3 libgnomesu-2.0.0-2.3 as a component of openSUSE Tumbleweed libgnomesu-devel-2.0.0-2.3 as a component of openSUSE Tumbleweed libgnomesu-lang-2.0.0-2.3 as a component of openSUSE Tumbleweed libgnomesu0-2.0.0-2.3 as a component of openSUSE Tumbleweed gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts. CVE-2011-1946 openSUSE Tumbleweed:libgnomesu-2.0.0-2.3 openSUSE Tumbleweed:libgnomesu-devel-2.0.0-2.3 openSUSE Tumbleweed:libgnomesu-lang-2.0.0-2.3 openSUSE Tumbleweed:libgnomesu0-2.0.0-2.3 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-1946.html CVE-2011-1946 https://bugzilla.suse.com/695627 SUSE Bug 695627