colord-1.3.4-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10103-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z colord-1.3.4-1.1 on GA media These are all security issues fixed in the colord-1.3.4-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10103 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2011-4349/ SUSE CVE CVE-2011-4349 page openSUSE Tumbleweed colord-1.3.4-1.1 colord-gtk-0.1.26-2.4 colord-gtk-lang-0.1.26-2.4 colord-lang-1.3.4-1.1 libcolord-devel-1.3.4-1.1 libcolord-gtk-devel-0.1.26-2.4 libcolord-gtk1-0.1.26-2.4 libcolord-gtk1-32bit-0.1.26-2.4 libcolord2-1.3.4-1.1 libcolord2-32bit-1.3.4-1.1 libcolorhug2-1.3.4-1.1 typelib-1_0-ColorHug-1_0-1.3.4-1.1 typelib-1_0-Colord-1_0-1.3.4-1.1 typelib-1_0-ColordGtk-1_0-0.1.26-2.4 colord-1.3.4-1.1 as a component of openSUSE Tumbleweed colord-gtk-0.1.26-2.4 as a component of openSUSE Tumbleweed colord-gtk-lang-0.1.26-2.4 as a component of openSUSE Tumbleweed colord-lang-1.3.4-1.1 as a component of openSUSE Tumbleweed libcolord-devel-1.3.4-1.1 as a component of openSUSE Tumbleweed libcolord-gtk-devel-0.1.26-2.4 as a component of openSUSE Tumbleweed libcolord-gtk1-0.1.26-2.4 as a component of openSUSE Tumbleweed libcolord-gtk1-32bit-0.1.26-2.4 as a component of openSUSE Tumbleweed libcolord2-1.3.4-1.1 as a component of openSUSE Tumbleweed libcolord2-32bit-1.3.4-1.1 as a component of openSUSE Tumbleweed libcolorhug2-1.3.4-1.1 as a component of openSUSE Tumbleweed typelib-1_0-ColorHug-1_0-1.3.4-1.1 as a component of openSUSE Tumbleweed typelib-1_0-Colord-1_0-1.3.4-1.1 as a component of openSUSE Tumbleweed typelib-1_0-ColordGtk-1_0-0.1.26-2.4 as a component of openSUSE Tumbleweed Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id. CVE-2011-4349 openSUSE Tumbleweed:colord-1.3.4-1.1 openSUSE Tumbleweed:colord-gtk-0.1.26-2.4 openSUSE Tumbleweed:colord-gtk-lang-0.1.26-2.4 openSUSE Tumbleweed:colord-lang-1.3.4-1.1 openSUSE Tumbleweed:libcolord-devel-1.3.4-1.1 openSUSE Tumbleweed:libcolord-gtk-devel-0.1.26-2.4 openSUSE Tumbleweed:libcolord-gtk1-0.1.26-2.4 openSUSE Tumbleweed:libcolord-gtk1-32bit-0.1.26-2.4 openSUSE Tumbleweed:libcolord2-1.3.4-1.1 openSUSE Tumbleweed:libcolord2-32bit-1.3.4-1.1 openSUSE Tumbleweed:libcolorhug2-1.3.4-1.1 openSUSE Tumbleweed:typelib-1_0-ColorHug-1_0-1.3.4-1.1 openSUSE Tumbleweed:typelib-1_0-Colord-1_0-1.3.4-1.1 openSUSE Tumbleweed:typelib-1_0-ColordGtk-1_0-0.1.26-2.4 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-4349.html CVE-2011-4349 https://bugzilla.suse.com/698250 SUSE Bug 698250 https://bugzilla.suse.com/732996 SUSE Bug 732996