ibus-1.5.25-1.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10853 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ibus-1.5.25-1.2 on GA media These are all security issues fixed in the ibus-1.5.25-1.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10853 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10853 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2019-14822/ SUSE CVE CVE-2019-14822 page openSUSE Tumbleweed ibus-1.5.25-1.2 ibus-devel-1.5.25-1.2 ibus-dict-emoji-1.5.25-1.2 ibus-gtk-1.5.25-1.2 ibus-gtk-32bit-1.5.25-1.2 ibus-gtk3-1.5.25-1.2 ibus-gtk3-32bit-1.5.25-1.2 ibus-lang-1.5.25-1.2 libibus-1_0-5-1.5.25-1.2 libibus-1_0-5-32bit-1.5.25-1.2 typelib-1_0-IBus-1_0-1.5.25-1.2 ibus-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-devel-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-dict-emoji-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-gtk-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-gtk-32bit-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-gtk3-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-gtk3-32bit-1.5.25-1.2 as a component of openSUSE Tumbleweed ibus-lang-1.5.25-1.2 as a component of openSUSE Tumbleweed libibus-1_0-5-1.5.25-1.2 as a component of openSUSE Tumbleweed libibus-1_0-5-32bit-1.5.25-1.2 as a component of openSUSE Tumbleweed typelib-1_0-IBus-1_0-1.5.25-1.2 as a component of openSUSE Tumbleweed A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user. CVE-2019-14822 openSUSE Tumbleweed:ibus-1.5.25-1.2 openSUSE Tumbleweed:ibus-devel-1.5.25-1.2 openSUSE Tumbleweed:ibus-dict-emoji-1.5.25-1.2 openSUSE Tumbleweed:ibus-gtk-1.5.25-1.2 openSUSE Tumbleweed:ibus-gtk-32bit-1.5.25-1.2 openSUSE Tumbleweed:ibus-gtk3-1.5.25-1.2 openSUSE Tumbleweed:ibus-gtk3-32bit-1.5.25-1.2 openSUSE Tumbleweed:ibus-lang-1.5.25-1.2 openSUSE Tumbleweed:libibus-1_0-5-1.5.25-1.2 openSUSE Tumbleweed:libibus-1_0-5-32bit-1.5.25-1.2 openSUSE Tumbleweed:typelib-1_0-IBus-1_0-1.5.25-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-14822.html CVE-2019-14822 https://bugzilla.suse.com/1150011 SUSE Bug 1150011