Vulnerabilities > CVE-2019-12795 - Incorrect Default Permissions vulnerability in Gnome Gvfs

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
gnome
CWE-276
nessus

Summary

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)

Vulnerable Configurations

Part Description Count
Application
Gnome
193

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Accessing Functionality Not Properly Constrained by ACLs
    In applications, particularly web applications, access to functionality is mitigated by the authorization framework, whose job it is to map ACLs to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application or can run queries for data that he is otherwise not supposed to.
  • Directory Indexing
    An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Web Logs Tampering
    Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4053-1.NASL
    descriptionIt was discovered that GVfs incorrectly handled the admin backend. Files created or moved by the admin backend could end up with the wrong ownership information, contrary to expectations. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-12447, CVE-2019-12448, CVE-2019-12449) It was discovered that GVfs incorrectly handled authentication on its private D-Bus socket. A local attacker could possibly connect to this socket and issue D-Bus calls. (CVE-2019-12795). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126598
    published2019-07-10
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126598
    titleUbuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : gvfs vulnerabilities (USN-4053-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-4053-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126598);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-12795");
      script_xref(name:"USN", value:"4053-1");
    
      script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : gvfs vulnerabilities (USN-4053-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that GVfs incorrectly handled the admin backend.
    Files created or moved by the admin backend could end up with the
    wrong ownership information, contrary to expectations. This issue only
    affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04.
    (CVE-2019-12447, CVE-2019-12448, CVE-2019-12449)
    
    It was discovered that GVfs incorrectly handled authentication on its
    private D-Bus socket. A local attacker could possibly connect to this
    socket and issue D-Bus calls. (CVE-2019-12795).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/4053-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected gvfs and / or gvfs-backends packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gvfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gvfs-backends");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.04");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/29");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/10");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(16\.04|18\.04|18\.10|19\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 18.10 / 19.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"16.04", pkgname:"gvfs", pkgver:"1.28.2-1ubuntu1~16.04.3")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"gvfs-backends", pkgver:"1.28.2-1ubuntu1~16.04.3")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"gvfs", pkgver:"1.36.1-0ubuntu1.3.3")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"gvfs-backends", pkgver:"1.36.1-0ubuntu1.3.3")) flag++;
    if (ubuntu_check(osver:"18.10", pkgname:"gvfs", pkgver:"1.38.1-0ubuntu1.3.2")) flag++;
    if (ubuntu_check(osver:"18.10", pkgname:"gvfs-backends", pkgver:"1.38.1-0ubuntu1.3.2")) flag++;
    if (ubuntu_check(osver:"19.04", pkgname:"gvfs", pkgver:"1.40.1-1ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"19.04", pkgname:"gvfs-backends", pkgver:"1.40.1-1ubuntu0.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gvfs / gvfs-backends");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1907.NASL
    descriptionAccording to the version of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)(CVE-2019-12795) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-09-16
    plugin id128830
    published2019-09-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128830
    titleEulerOS 2.0 SP5 : gvfs (EulerOS-SA-2019-1907)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128830);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07");
    
      script_cve_id(
        "CVE-2019-12795"
      );
    
      script_name(english:"EulerOS 2.0 SP5 : gvfs (EulerOS-SA-2019-1907)");
      script_summary(english:"Checks the rpm output for the updated package.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "According to the version of the gvfs packages installed, the EulerOS
    installation on the remote host is affected by the following
    vulnerability :
    
      - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before
        1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3
        opened a private D-Bus server socket without
        configuring an authorization rule. A local attacker
        could connect to this server socket and issue D-Bus
        method calls. (Note that the server socket only accepts
        a single connection, so the attacker would have to
        discover the server and connect to the socket before
        its owner does.)(CVE-2019-12795)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1907
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0a23ba3d");
      script_set_attribute(attribute:"solution", value:
    "Update the affected gvfs package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/16");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-afc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-afp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-archive");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-goa");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-gphoto2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-mtp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:gvfs-smb");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["gvfs-1.30.4-5.h1.eulerosv2r7",
            "gvfs-afc-1.30.4-5.h1.eulerosv2r7",
            "gvfs-afp-1.30.4-5.h1.eulerosv2r7",
            "gvfs-archive-1.30.4-5.h1.eulerosv2r7",
            "gvfs-client-1.30.4-5.h1.eulerosv2r7",
            "gvfs-devel-1.30.4-5.h1.eulerosv2r7",
            "gvfs-fuse-1.30.4-5.h1.eulerosv2r7",
            "gvfs-goa-1.30.4-5.h1.eulerosv2r7",
            "gvfs-gphoto2-1.30.4-5.h1.eulerosv2r7",
            "gvfs-mtp-1.30.4-5.h1.eulerosv2r7",
            "gvfs-smb-1.30.4-5.h1.eulerosv2r7"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gvfs");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1697.NASL
    descriptionThis update for gvfs fixes the following issues : Security issues fixed : - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). - CVE-2019-12449: Fixed an improper handling of file
    last seen2020-06-01
    modified2020-06-02
    plugin id126522
    published2019-07-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126522
    titleopenSUSE Security Update : gvfs (openSUSE-2019-1697)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2019-1697.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126522);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-12795");
    
      script_name(english:"openSUSE Security Update : gvfs (openSUSE-2019-1697)");
      script_summary(english:"Check for the openSUSE-2019-1697 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for gvfs fixes the following issues :
    
    Security issues fixed :
    
      - CVE-2019-12795: Fixed a vulnerability which could have
        allowed attacks via local D-Bus method calls
        (bsc#1137930).
    
      - CVE-2019-12447: Fixed an improper handling of file
        ownership in daemon/gvfsbackendadmin.c due to no use of
        setfsuid (bsc#1136986). 
    
      - CVE-2019-12449: Fixed an improper handling of file's
        user and group ownership in daemon/gvfsbackendadmin.c
        (bsc#1136992).
    
      - CVE-2019-12448: Fixed race conditions in
        daemon/gvfsbackendadmin.c due to implementation of
        query_info_on_read/write at admin backend (bsc#1136981).
    
    Other issue addressed :
    
      - Drop polkit rules files that are only relevant for wheel
        group (bsc#1125433).
    
    This update was imported from the SUSE:SLE-15:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1125433"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136981"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136986"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136992"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1137930"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected gvfs packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-32bit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-backend-afc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-backend-afc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-backend-samba");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-backend-samba-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-backends");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-backends-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-fuse");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-fuse-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gvfs-lang");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/29");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/08");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-backend-afc-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-backend-afc-debuginfo-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-backend-samba-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-backend-samba-debuginfo-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-backends-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-backends-debuginfo-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-debuginfo-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-debugsource-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-devel-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-fuse-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-fuse-debuginfo-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"gvfs-lang-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"gvfs-32bit-1.34.2.1-lp151.6.3.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"gvfs-32bit-debuginfo-1.34.2.1-lp151.6.3.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gvfs / gvfs-backend-afc / gvfs-backend-afc-debuginfo / etc");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1768.NASL
    descriptionAccording to the version of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)(CVE-2019-12795) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-03
    modified2019-07-25
    plugin id127005
    published2019-07-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127005
    titleEulerOS 2.0 SP8 : gvfs (EulerOS-SA-2019-1768)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2039.NASL
    descriptionAccording to the version of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)(CVE-2019-12795) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-09-24
    plugin id129232
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129232
    titleEulerOS 2.0 SP3 : gvfs (EulerOS-SA-2019-2039)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3553.NASL
    descriptionAn update for GNOME is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix(es) : * evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459) * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id130552
    published2019-11-06
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130552
    titleRHEL 8 : GNOME (RHSA-2019:3553)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-E6B02AF8B8.NASL
    descriptionUpdate to 1.38.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id127533
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127533
    titleFedora 29 : gvfs (2019-e6b02af8b8)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1749.NASL
    descriptionAccording to the version of the gvfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)(CVE-2019-12795) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-07-22
    plugin id126876
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126876
    titleEulerOS 2.0 SP2 : gvfs (EulerOS-SA-2019-1749)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-6ED5523CC0.NASL
    descriptionUpdate to 1.40.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126838
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126838
    titleFedora 30 : gvfs (2019-6ed5523cc0)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1717-1.NASL
    descriptionThis update for gvfs fixes the following issues : Security issues fixed : CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). CVE-2019-12449: Fixed an improper handling of file
    last seen2020-06-01
    modified2020-06-02
    plugin id126444
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126444
    titleSUSE SLED15 / SLES15 Security Update : gvfs (SUSE-SU-2019:1717-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1699.NASL
    descriptionThis update for gvfs fixes the following issues : Security issues fixed : - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). - CVE-2019-12449: Fixed an improper handling of file
    last seen2020-06-01
    modified2020-06-02
    plugin id126523
    published2019-07-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126523
    titleopenSUSE Security Update : gvfs (openSUSE-2019-1699)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1827.NASL
    descriptionSimon McVittie discovered a flaw in gvfs, the Gnome Virtual File System. The gvfsd daemon opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.) For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id126054
    published2019-06-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126054
    titleDebian DLA-1827-1 : gvfs security update

Redhat

advisories
bugzilla
id1741547
title[abrt] [faf] gnome-shell: meta_window_actor_show(): /usr/bin/gnome-shell killed by 11
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 8 is installed
      ovaloval:com.redhat.rhba:tst:20193384074
    • OR
      • AND
        • commentwayland-protocols-devel is earlier than 0:1.17-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553001
        • commentwayland-protocols-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140496
      • AND
        • commentSDL-debugsource is earlier than 0:1.2.15-35.el8
          ovaloval:com.redhat.rhsa:tst:20193553003
        • commentSDL-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553004
      • AND
        • commentSDL is earlier than 0:1.2.15-35.el8
          ovaloval:com.redhat.rhsa:tst:20193553005
        • commentSDL is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553006
      • AND
        • commentSDL-devel is earlier than 0:1.2.15-35.el8
          ovaloval:com.redhat.rhsa:tst:20193553007
        • commentSDL-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553008
      • AND
        • commentgnome-remote-desktop is earlier than 0:0.1.6-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553009
        • commentgnome-remote-desktop is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553010
      • AND
        • commentgnome-remote-desktop-debugsource is earlier than 0:0.1.6-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553011
        • commentgnome-remote-desktop-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553012
      • AND
        • commentfile-roller-debugsource is earlier than 0:3.28.1-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553013
        • commentfile-roller-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553014
      • AND
        • commentfile-roller is earlier than 0:3.28.1-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553015
        • commentfile-roller is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140706
      • AND
        • commentlibpurple is earlier than 0:2.13.0-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553017
        • commentlibpurple is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044040
      • AND
        • commentpidgin-debugsource is earlier than 0:2.13.0-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553019
        • commentpidgin-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553020
      • AND
        • commentpidgin is earlier than 0:2.13.0-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553021
        • commentpidgin is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044044
      • AND
        • commentpidgin-devel is earlier than 0:2.13.0-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553023
        • commentpidgin-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044034
      • AND
        • commentlibpurple-devel is earlier than 0:2.13.0-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553025
        • commentlibpurple-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044042
      • AND
        • commentgnome-desktop3-devel is earlier than 0:3.32.2-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553027
        • commentgnome-desktop3-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140174
      • AND
        • commentgnome-desktop3-debugsource is earlier than 0:3.32.2-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553029
        • commentgnome-desktop3-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553030
      • AND
        • commentgnome-desktop3 is earlier than 0:3.32.2-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553031
        • commentgnome-desktop3 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140176
      • AND
        • commentevince-libs is earlier than 0:3.28.4-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553033
        • commentevince-libs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20110009002
      • AND
        • commentevince is earlier than 0:3.28.4-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553035
        • commentevince is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20110009004
      • AND
        • commentevince-browser-plugin is earlier than 0:3.28.4-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553037
        • commentevince-browser-plugin is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20172388004
      • AND
        • commentevince-nautilus is earlier than 0:3.28.4-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553039
        • commentevince-nautilus is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20172388012
      • AND
        • commentevince-debugsource is earlier than 0:3.28.4-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553041
        • commentevince-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553042
      • AND
        • commentaccountsservice is earlier than 0:0.6.50-7.el8
          ovaloval:com.redhat.rhsa:tst:20193553043
        • commentaccountsservice is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044118
      • AND
        • commentaccountsservice-debugsource is earlier than 0:0.6.50-7.el8
          ovaloval:com.redhat.rhsa:tst:20193553045
        • commentaccountsservice-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553046
      • AND
        • commentaccountsservice-libs is earlier than 0:0.6.50-7.el8
          ovaloval:com.redhat.rhsa:tst:20193553047
        • commentaccountsservice-libs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044116
      • AND
        • commentaccountsservice-devel is earlier than 0:0.6.50-7.el8
          ovaloval:com.redhat.rhsa:tst:20193553049
        • commentaccountsservice-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044120
      • AND
        • commentgnome-tweaks is earlier than 0:3.28.1-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553051
        • commentgnome-tweaks is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553052
      • AND
        • commentnautilus-extensions is earlier than 0:3.28.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553053
        • commentnautilus-extensions is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044112
      • AND
        • commentnautilus is earlier than 0:3.28.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553055
        • commentnautilus is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044110
      • AND
        • commentnautilus-debugsource is earlier than 0:3.28.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553057
        • commentnautilus-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553058
      • AND
        • commentnautilus-devel is earlier than 0:3.28.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553059
        • commentnautilus-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044114
      • AND
        • commentbaobab is earlier than 0:3.28.0-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553061
        • commentbaobab is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140022
      • AND
        • commentbaobab-debugsource is earlier than 0:3.28.0-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553063
        • commentbaobab-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553064
      • AND
        • commentgnome-settings-daemon-debugsource is earlier than 0:3.32.0-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553065
        • commentgnome-settings-daemon-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553066
      • AND
        • commentgnome-settings-daemon is earlier than 0:3.32.0-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553067
        • commentgnome-settings-daemon is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044126
      • AND
        • commentwebkit2gtk3-debugsource is earlier than 0:2.24.3-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553069
        • commentwebkit2gtk3-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553070
      • AND
        • commentwebkit2gtk3-plugin-process-gtk2 is earlier than 0:2.24.3-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553071
        • commentwebkit2gtk3-plugin-process-gtk2 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553072
      • AND
        • commentwebkit2gtk3 is earlier than 0:2.24.3-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553073
        • commentwebkit2gtk3 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553074
      • AND
        • commentwebkit2gtk3-jsc is earlier than 0:2.24.3-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553075
        • commentwebkit2gtk3-jsc is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553076
      • AND
        • commentwebkit2gtk3-jsc-devel is earlier than 0:2.24.3-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553077
        • commentwebkit2gtk3-jsc-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553078
      • AND
        • commentwebkit2gtk3-devel is earlier than 0:2.24.3-1.el8
          ovaloval:com.redhat.rhsa:tst:20193553079
        • commentwebkit2gtk3-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553080
      • AND
        • commentgnome-software-editor is earlier than 0:3.30.6-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553081
        • commentgnome-software-editor is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140794
      • AND
        • commentgnome-software-debugsource is earlier than 0:3.30.6-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553083
        • commentgnome-software-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553084
      • AND
        • commentgnome-software is earlier than 0:3.30.6-2.el8
          ovaloval:com.redhat.rhsa:tst:20193553085
        • commentgnome-software is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140798
      • AND
        • commentchrome-gnome-shell is earlier than 0:10.1-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553087
        • commentchrome-gnome-shell is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553088
      • AND
        • commentgnome-control-center-filesystem is earlier than 0:3.28.2-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553089
        • commentgnome-control-center-filesystem is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553090
      • AND
        • commentgnome-control-center is earlier than 0:3.28.2-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553091
        • commentgnome-control-center is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553092
      • AND
        • commentgnome-control-center-debugsource is earlier than 0:3.28.2-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553093
        • commentgnome-control-center-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553094
      • AND
        • commentgsettings-desktop-schemas is earlier than 0:3.32.0-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553095
        • commentgsettings-desktop-schemas is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140756
      • AND
        • commentgsettings-desktop-schemas-devel is earlier than 0:3.32.0-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553097
        • commentgsettings-desktop-schemas-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140754
      • AND
        • commentgnome-shell-extension-windowsNavigator is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553099
        • commentgnome-shell-extension-windowsNavigator is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044166
      • AND
        • commentgnome-shell-extension-systemMonitor is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553101
        • commentgnome-shell-extension-systemMonitor is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044164
      • AND
        • commentgnome-shell-extension-top-icons is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553103
        • commentgnome-shell-extension-top-icons is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044144
      • AND
        • commentgnome-shell-extension-desktop-icons is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553105
        • commentgnome-shell-extension-desktop-icons is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553106
      • AND
        • commentgnome-shell-extension-panel-favorites is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553107
        • commentgnome-shell-extension-panel-favorites is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044152
      • AND
        • commentgnome-shell-extension-launch-new-instance is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553109
        • commentgnome-shell-extension-launch-new-instance is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044142
      • AND
        • commentgnome-shell-extension-workspace-indicator is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553111
        • commentgnome-shell-extension-workspace-indicator is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044158
      • AND
        • commentgnome-shell-extension-window-list is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553113
        • commentgnome-shell-extension-window-list is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044134
      • AND
        • commentgnome-shell-extension-horizontal-workspaces is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553115
        • commentgnome-shell-extension-horizontal-workspaces is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553116
      • AND
        • commentgnome-classic-session is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553117
        • commentgnome-classic-session is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044146
      • AND
        • commentgnome-shell-extension-apps-menu is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553119
        • commentgnome-shell-extension-apps-menu is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044132
      • AND
        • commentgnome-shell-extension-drive-menu is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553121
        • commentgnome-shell-extension-drive-menu is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044150
      • AND
        • commentgnome-shell-extension-no-hot-corner is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553123
        • commentgnome-shell-extension-no-hot-corner is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044154
      • AND
        • commentgnome-shell-extension-screenshot-window-sizer is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553125
        • commentgnome-shell-extension-screenshot-window-sizer is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044168
      • AND
        • commentgnome-shell-extension-updates-dialog is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553127
        • commentgnome-shell-extension-updates-dialog is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044160
      • AND
        • commentgnome-shell-extension-places-menu is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553129
        • commentgnome-shell-extension-places-menu is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044140
      • AND
        • commentgnome-shell-extension-auto-move-windows is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553131
        • commentgnome-shell-extension-auto-move-windows is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044148
      • AND
        • commentgnome-shell-extension-window-grouper is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553133
        • commentgnome-shell-extension-window-grouper is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553134
      • AND
        • commentgnome-shell-extension-common is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553135
        • commentgnome-shell-extension-common is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044138
      • AND
        • commentgnome-shell-extension-disable-screenshield is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553137
        • commentgnome-shell-extension-disable-screenshield is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553138
      • AND
        • commentgnome-shell-extension-dash-to-dock is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553139
        • commentgnome-shell-extension-dash-to-dock is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044162
      • AND
        • commentgnome-shell-extension-native-window-placement is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553141
        • commentgnome-shell-extension-native-window-placement is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044156
      • AND
        • commentgnome-shell-extension-user-theme is earlier than 0:3.32.1-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553143
        • commentgnome-shell-extension-user-theme is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044136
      • AND
        • commentgdm-debugsource is earlier than 1:3.28.3-22.el8
          ovaloval:com.redhat.rhsa:tst:20193553145
        • commentgdm-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553146
      • AND
        • commentgdm is earlier than 1:3.28.3-22.el8
          ovaloval:com.redhat.rhsa:tst:20193553147
        • commentgdm is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20110395006
      • AND
        • commentappstream-data is earlier than 0:8-20190805.el8
          ovaloval:com.redhat.rhsa:tst:20193553149
        • commentappstream-data is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140008
      • AND
        • commentgvfs-debugsource is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553151
        • commentgvfs-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20191517012
      • AND
        • commentgvfs-smb is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553153
        • commentgvfs-smb is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140298
      • AND
        • commentgvfs-mtp is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553155
        • commentgvfs-mtp is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140296
      • AND
        • commentgvfs-gphoto2 is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553157
        • commentgvfs-gphoto2 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140306
      • AND
        • commentgvfs-fuse is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553159
        • commentgvfs-fuse is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140310
      • AND
        • commentgvfs-devel is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553161
        • commentgvfs-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140294
      • AND
        • commentgvfs-client is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553163
        • commentgvfs-client is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140300
      • AND
        • commentgvfs is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553165
        • commentgvfs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140304
      • AND
        • commentgvfs-goa is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553167
        • commentgvfs-goa is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140308
      • AND
        • commentgvfs-archive is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553169
        • commentgvfs-archive is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140302
      • AND
        • commentgvfs-afp is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553171
        • commentgvfs-afp is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140312
      • AND
        • commentgvfs-afc is earlier than 0:1.36.2-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553173
        • commentgvfs-afc is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140314
      • AND
        • commentgnome-shell-debugsource is earlier than 0:3.32.2-9.el8
          ovaloval:com.redhat.rhsa:tst:20193553175
        • commentgnome-shell-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553176
      • AND
        • commentgnome-shell is earlier than 0:3.32.2-9.el8
          ovaloval:com.redhat.rhsa:tst:20193553177
        • commentgnome-shell is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044170
      • AND
        • commentgtk3-debugsource is earlier than 0:3.22.30-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553179
        • commentgtk3-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553180
      • AND
        • commentgtk3-immodule-xim is earlier than 0:3.22.30-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553181
        • commentgtk3-immodule-xim is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116106
      • AND
        • commentgtk3-devel is earlier than 0:3.22.30-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553183
        • commentgtk3-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116104
      • AND
        • commentgtk3 is earlier than 0:3.22.30-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553185
        • commentgtk3 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116108
      • AND
        • commentgtk-update-icon-cache is earlier than 0:3.22.30-4.el8
          ovaloval:com.redhat.rhsa:tst:20193553187
        • commentgtk-update-icon-cache is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140772
      • AND
        • commentmutter-debugsource is earlier than 0:3.32.2-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553189
        • commentmutter-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553190
      • AND
        • commentmutter is earlier than 0:3.32.2-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553191
        • commentmutter is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044106
      • AND
        • commentmutter-devel is earlier than 0:3.32.2-10.el8
          ovaloval:com.redhat.rhsa:tst:20193553193
        • commentmutter-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044108
      • AND
        • commentpango-debugsource is earlier than 0:1.42.4-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553195
        • commentpango-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20192582002
      • AND
        • commentpango-devel is earlier than 0:1.42.4-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553197
        • commentpango-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116012
      • AND
        • commentpango is earlier than 0:1.42.4-6.el8
          ovaloval:com.redhat.rhsa:tst:20193553199
        • commentpango is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116010
      • AND
        • commentgdk-pixbuf2-debugsource is earlier than 0:2.36.12-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553201
        • commentgdk-pixbuf2-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553202
      • AND
        • commentgdk-pixbuf2 is earlier than 0:2.36.12-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553203
        • commentgdk-pixbuf2 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116098
      • AND
        • commentgdk-pixbuf2-modules is earlier than 0:2.36.12-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553205
        • commentgdk-pixbuf2-modules is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553206
      • AND
        • commentgdk-pixbuf2-devel is earlier than 0:2.36.12-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553207
        • commentgdk-pixbuf2-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152116100
      • AND
        • commentgdk-pixbuf2-xlib-devel is earlier than 0:2.36.12-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553209
        • commentgdk-pixbuf2-xlib-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553210
      • AND
        • commentgdk-pixbuf2-xlib is earlier than 0:2.36.12-5.el8
          ovaloval:com.redhat.rhsa:tst:20193553211
        • commentgdk-pixbuf2-xlib is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553212
      • AND
        • commentplymouth-plugin-label is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553213
        • commentplymouth-plugin-label is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044070
      • AND
        • commentplymouth-plugin-fade-throbber is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553215
        • commentplymouth-plugin-fade-throbber is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044088
      • AND
        • commentplymouth-graphics-libs is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553217
        • commentplymouth-graphics-libs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044076
      • AND
        • commentplymouth-core-libs is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553219
        • commentplymouth-core-libs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044078
      • AND
        • commentplymouth is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553221
        • commentplymouth is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044084
      • AND
        • commentplymouth-debugsource is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553223
        • commentplymouth-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553224
      • AND
        • commentplymouth-theme-spinner is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553225
        • commentplymouth-theme-spinner is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044096
      • AND
        • commentplymouth-theme-spinfinity is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553227
        • commentplymouth-theme-spinfinity is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044086
      • AND
        • commentplymouth-theme-solar is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553229
        • commentplymouth-theme-solar is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044090
      • AND
        • commentplymouth-theme-script is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553231
        • commentplymouth-theme-script is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044094
      • AND
        • commentplymouth-theme-fade-in is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553233
        • commentplymouth-theme-fade-in is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044102
      • AND
        • commentplymouth-theme-charge is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553235
        • commentplymouth-theme-charge is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044080
      • AND
        • commentplymouth-system-theme is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553237
        • commentplymouth-system-theme is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044082
      • AND
        • commentplymouth-scripts is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553239
        • commentplymouth-scripts is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044074
      • AND
        • commentplymouth-plugin-two-step is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553241
        • commentplymouth-plugin-two-step is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044072
      • AND
        • commentplymouth-plugin-throbgress is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553243
        • commentplymouth-plugin-throbgress is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044104
      • AND
        • commentplymouth-plugin-space-flares is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553245
        • commentplymouth-plugin-space-flares is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044098
      • AND
        • commentplymouth-plugin-script is earlier than 0:0.9.3-15.el8
          ovaloval:com.redhat.rhsa:tst:20193553247
        • commentplymouth-plugin-script is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20192044092
      • AND
        • commentmozjs60-debugsource is earlier than 0:60.9.0-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553249
        • commentmozjs60-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553250
      • AND
        • commentmozjs60 is earlier than 0:60.9.0-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553251
        • commentmozjs60 is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553252
      • AND
        • commentmozjs60-devel is earlier than 0:60.9.0-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553253
        • commentmozjs60-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553254
      • AND
        • commentgjs-debugsource is earlier than 0:1.56.2-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553255
        • commentgjs-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20193553256
      • AND
        • commentgjs is earlier than 0:1.56.2-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553257
        • commentgjs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140144
      • AND
        • commentgjs-devel is earlier than 0:1.56.2-3.el8
          ovaloval:com.redhat.rhsa:tst:20193553259
        • commentgjs-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20183140140
rhsa
idRHSA-2019:3553
released2019-11-05
severityLow
titleRHSA-2019:3553: GNOME security, bug fix, and enhancement update (Low)
rpms
  • SDL-0:1.2.15-35.el8
  • SDL-debuginfo-0:1.2.15-35.el8
  • SDL-debugsource-0:1.2.15-35.el8
  • SDL-devel-0:1.2.15-35.el8
  • accountsservice-0:0.6.50-7.el8
  • accountsservice-debuginfo-0:0.6.50-7.el8
  • accountsservice-debugsource-0:0.6.50-7.el8
  • accountsservice-devel-0:0.6.50-7.el8
  • accountsservice-libs-0:0.6.50-7.el8
  • accountsservice-libs-debuginfo-0:0.6.50-7.el8
  • appstream-data-0:8-20190805.el8
  • baobab-0:3.28.0-2.el8
  • baobab-debuginfo-0:3.28.0-2.el8
  • baobab-debugsource-0:3.28.0-2.el8
  • chrome-gnome-shell-0:10.1-6.el8
  • evince-0:3.28.4-3.el8
  • evince-browser-plugin-0:3.28.4-3.el8
  • evince-browser-plugin-debuginfo-0:3.28.4-3.el8
  • evince-debuginfo-0:3.28.4-3.el8
  • evince-debugsource-0:3.28.4-3.el8
  • evince-libs-0:3.28.4-3.el8
  • evince-libs-debuginfo-0:3.28.4-3.el8
  • evince-nautilus-0:3.28.4-3.el8
  • evince-nautilus-debuginfo-0:3.28.4-3.el8
  • file-roller-0:3.28.1-2.el8
  • file-roller-debuginfo-0:3.28.1-2.el8
  • file-roller-debugsource-0:3.28.1-2.el8
  • finch-debuginfo-0:2.13.0-5.el8
  • gdk-pixbuf2-0:2.36.12-5.el8
  • gdk-pixbuf2-debuginfo-0:2.36.12-5.el8
  • gdk-pixbuf2-debugsource-0:2.36.12-5.el8
  • gdk-pixbuf2-devel-0:2.36.12-5.el8
  • gdk-pixbuf2-devel-debuginfo-0:2.36.12-5.el8
  • gdk-pixbuf2-modules-0:2.36.12-5.el8
  • gdk-pixbuf2-modules-debuginfo-0:2.36.12-5.el8
  • gdk-pixbuf2-tests-debuginfo-0:2.36.12-5.el8
  • gdk-pixbuf2-xlib-0:2.36.12-5.el8
  • gdk-pixbuf2-xlib-debuginfo-0:2.36.12-5.el8
  • gdk-pixbuf2-xlib-devel-0:2.36.12-5.el8
  • gdm-1:3.28.3-22.el8
  • gdm-debuginfo-1:3.28.3-22.el8
  • gdm-debugsource-1:3.28.3-22.el8
  • gjs-0:1.56.2-3.el8
  • gjs-debuginfo-0:1.56.2-3.el8
  • gjs-debugsource-0:1.56.2-3.el8
  • gjs-devel-0:1.56.2-3.el8
  • gjs-tests-debuginfo-0:1.56.2-3.el8
  • gnome-classic-session-0:3.32.1-10.el8
  • gnome-control-center-0:3.28.2-5.el8
  • gnome-control-center-debuginfo-0:3.28.2-5.el8
  • gnome-control-center-debugsource-0:3.28.2-5.el8
  • gnome-control-center-filesystem-0:3.28.2-5.el8
  • gnome-desktop3-0:3.32.2-1.el8
  • gnome-desktop3-debuginfo-0:3.32.2-1.el8
  • gnome-desktop3-debugsource-0:3.32.2-1.el8
  • gnome-desktop3-devel-0:3.32.2-1.el8
  • gnome-desktop3-tests-debuginfo-0:3.32.2-1.el8
  • gnome-remote-desktop-0:0.1.6-5.el8
  • gnome-remote-desktop-debuginfo-0:0.1.6-5.el8
  • gnome-remote-desktop-debugsource-0:0.1.6-5.el8
  • gnome-settings-daemon-0:3.32.0-4.el8
  • gnome-settings-daemon-debuginfo-0:3.32.0-4.el8
  • gnome-settings-daemon-debugsource-0:3.32.0-4.el8
  • gnome-shell-0:3.32.2-9.el8
  • gnome-shell-debuginfo-0:3.32.2-9.el8
  • gnome-shell-debugsource-0:3.32.2-9.el8
  • gnome-shell-extension-apps-menu-0:3.32.1-10.el8
  • gnome-shell-extension-auto-move-windows-0:3.32.1-10.el8
  • gnome-shell-extension-common-0:3.32.1-10.el8
  • gnome-shell-extension-dash-to-dock-0:3.32.1-10.el8
  • gnome-shell-extension-desktop-icons-0:3.32.1-10.el8
  • gnome-shell-extension-disable-screenshield-0:3.32.1-10.el8
  • gnome-shell-extension-drive-menu-0:3.32.1-10.el8
  • gnome-shell-extension-horizontal-workspaces-0:3.32.1-10.el8
  • gnome-shell-extension-launch-new-instance-0:3.32.1-10.el8
  • gnome-shell-extension-native-window-placement-0:3.32.1-10.el8
  • gnome-shell-extension-no-hot-corner-0:3.32.1-10.el8
  • gnome-shell-extension-panel-favorites-0:3.32.1-10.el8
  • gnome-shell-extension-places-menu-0:3.32.1-10.el8
  • gnome-shell-extension-screenshot-window-sizer-0:3.32.1-10.el8
  • gnome-shell-extension-systemMonitor-0:3.32.1-10.el8
  • gnome-shell-extension-top-icons-0:3.32.1-10.el8
  • gnome-shell-extension-updates-dialog-0:3.32.1-10.el8
  • gnome-shell-extension-user-theme-0:3.32.1-10.el8
  • gnome-shell-extension-window-grouper-0:3.32.1-10.el8
  • gnome-shell-extension-window-list-0:3.32.1-10.el8
  • gnome-shell-extension-windowsNavigator-0:3.32.1-10.el8
  • gnome-shell-extension-workspace-indicator-0:3.32.1-10.el8
  • gnome-software-0:3.30.6-2.el8
  • gnome-software-debuginfo-0:3.30.6-2.el8
  • gnome-software-debugsource-0:3.30.6-2.el8
  • gnome-software-editor-0:3.30.6-2.el8
  • gnome-software-editor-debuginfo-0:3.30.6-2.el8
  • gnome-tweaks-0:3.28.1-6.el8
  • gsettings-desktop-schemas-0:3.32.0-3.el8
  • gsettings-desktop-schemas-devel-0:3.32.0-3.el8
  • gtk-update-icon-cache-0:3.22.30-4.el8
  • gtk-update-icon-cache-debuginfo-0:3.22.30-4.el8
  • gtk3-0:3.22.30-4.el8
  • gtk3-debuginfo-0:3.22.30-4.el8
  • gtk3-debugsource-0:3.22.30-4.el8
  • gtk3-devel-0:3.22.30-4.el8
  • gtk3-devel-debuginfo-0:3.22.30-4.el8
  • gtk3-immodule-xim-0:3.22.30-4.el8
  • gtk3-immodule-xim-debuginfo-0:3.22.30-4.el8
  • gtk3-immodules-debuginfo-0:3.22.30-4.el8
  • gtk3-tests-debuginfo-0:3.22.30-4.el8
  • gvfs-0:1.36.2-6.el8
  • gvfs-afc-0:1.36.2-6.el8
  • gvfs-afc-debuginfo-0:1.36.2-6.el8
  • gvfs-afp-0:1.36.2-6.el8
  • gvfs-afp-debuginfo-0:1.36.2-6.el8
  • gvfs-archive-0:1.36.2-6.el8
  • gvfs-archive-debuginfo-0:1.36.2-6.el8
  • gvfs-client-0:1.36.2-6.el8
  • gvfs-client-debuginfo-0:1.36.2-6.el8
  • gvfs-debuginfo-0:1.36.2-6.el8
  • gvfs-debugsource-0:1.36.2-6.el8
  • gvfs-devel-0:1.36.2-6.el8
  • gvfs-fuse-0:1.36.2-6.el8
  • gvfs-fuse-debuginfo-0:1.36.2-6.el8
  • gvfs-goa-0:1.36.2-6.el8
  • gvfs-goa-debuginfo-0:1.36.2-6.el8
  • gvfs-gphoto2-0:1.36.2-6.el8
  • gvfs-gphoto2-debuginfo-0:1.36.2-6.el8
  • gvfs-mtp-0:1.36.2-6.el8
  • gvfs-mtp-debuginfo-0:1.36.2-6.el8
  • gvfs-smb-0:1.36.2-6.el8
  • gvfs-smb-debuginfo-0:1.36.2-6.el8
  • libpurple-0:2.13.0-5.el8
  • libpurple-debuginfo-0:2.13.0-5.el8
  • libpurple-devel-0:2.13.0-5.el8
  • libpurple-perl-debuginfo-0:2.13.0-5.el8
  • libpurple-tcl-debuginfo-0:2.13.0-5.el8
  • mozjs60-0:60.9.0-3.el8
  • mozjs60-debuginfo-0:60.9.0-3.el8
  • mozjs60-debugsource-0:60.9.0-3.el8
  • mozjs60-devel-0:60.9.0-3.el8
  • mutter-0:3.32.2-10.el8
  • mutter-debuginfo-0:3.32.2-10.el8
  • mutter-debugsource-0:3.32.2-10.el8
  • mutter-devel-0:3.32.2-10.el8
  • mutter-tests-debuginfo-0:3.32.2-10.el8
  • nautilus-0:3.28.1-10.el8
  • nautilus-debuginfo-0:3.28.1-10.el8
  • nautilus-debugsource-0:3.28.1-10.el8
  • nautilus-devel-0:3.28.1-10.el8
  • nautilus-extensions-0:3.28.1-10.el8
  • nautilus-extensions-debuginfo-0:3.28.1-10.el8
  • pango-0:1.42.4-6.el8
  • pango-debuginfo-0:1.42.4-6.el8
  • pango-debugsource-0:1.42.4-6.el8
  • pango-devel-0:1.42.4-6.el8
  • pango-tests-debuginfo-0:1.42.4-6.el8
  • pidgin-0:2.13.0-5.el8
  • pidgin-debuginfo-0:2.13.0-5.el8
  • pidgin-debugsource-0:2.13.0-5.el8
  • pidgin-devel-0:2.13.0-5.el8
  • pidgin-perl-debuginfo-0:2.13.0-5.el8
  • plymouth-0:0.9.3-15.el8
  • plymouth-core-libs-0:0.9.3-15.el8
  • plymouth-core-libs-debuginfo-0:0.9.3-15.el8
  • plymouth-debuginfo-0:0.9.3-15.el8
  • plymouth-debugsource-0:0.9.3-15.el8
  • plymouth-devel-debuginfo-0:0.9.3-15.el8
  • plymouth-graphics-libs-0:0.9.3-15.el8
  • plymouth-graphics-libs-debuginfo-0:0.9.3-15.el8
  • plymouth-plugin-fade-throbber-0:0.9.3-15.el8
  • plymouth-plugin-fade-throbber-debuginfo-0:0.9.3-15.el8
  • plymouth-plugin-label-0:0.9.3-15.el8
  • plymouth-plugin-label-debuginfo-0:0.9.3-15.el8
  • plymouth-plugin-script-0:0.9.3-15.el8
  • plymouth-plugin-script-debuginfo-0:0.9.3-15.el8
  • plymouth-plugin-space-flares-0:0.9.3-15.el8
  • plymouth-plugin-space-flares-debuginfo-0:0.9.3-15.el8
  • plymouth-plugin-throbgress-0:0.9.3-15.el8
  • plymouth-plugin-throbgress-debuginfo-0:0.9.3-15.el8
  • plymouth-plugin-two-step-0:0.9.3-15.el8
  • plymouth-plugin-two-step-debuginfo-0:0.9.3-15.el8
  • plymouth-scripts-0:0.9.3-15.el8
  • plymouth-system-theme-0:0.9.3-15.el8
  • plymouth-theme-charge-0:0.9.3-15.el8
  • plymouth-theme-fade-in-0:0.9.3-15.el8
  • plymouth-theme-script-0:0.9.3-15.el8
  • plymouth-theme-solar-0:0.9.3-15.el8
  • plymouth-theme-spinfinity-0:0.9.3-15.el8
  • plymouth-theme-spinner-0:0.9.3-15.el8
  • wayland-protocols-devel-0:1.17-1.el8
  • webkit2gtk3-0:2.24.3-1.el8
  • webkit2gtk3-debuginfo-0:2.24.3-1.el8
  • webkit2gtk3-debugsource-0:2.24.3-1.el8
  • webkit2gtk3-devel-0:2.24.3-1.el8
  • webkit2gtk3-devel-debuginfo-0:2.24.3-1.el8
  • webkit2gtk3-jsc-0:2.24.3-1.el8
  • webkit2gtk3-jsc-debuginfo-0:2.24.3-1.el8
  • webkit2gtk3-jsc-devel-0:2.24.3-1.el8
  • webkit2gtk3-jsc-devel-debuginfo-0:2.24.3-1.el8
  • webkit2gtk3-plugin-process-gtk2-0:2.24.3-1.el8
  • webkit2gtk3-plugin-process-gtk2-debuginfo-0:2.24.3-1.el8

References