Release date:
Updated on:
Affected Systems:
OpenSUSE 13.1 KDE
Description:
--------------------------------------------------------------------------------
Bugtraq id: 64786
CVE (CAN) ID: CVE-2013-3713
OpenSUSE is a Linux-based free operating system.
In openSUSE 13.1 and other versions, the image creation configuration in versions earlier than aaa_base 16.26.1 will be added to the "users" group during live image installation, this allows local users to obtain sensitive information.
<* Source: vendor
Link: https://bugzilla.novell.com/show_bug.cgi? Id = 843230
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
OpenSUSE
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Www.opensuse.org
Http://lists.opensuse.org/opensuse-updates/2013-12/msg00117.html