Moderate: GNOME security, bug fix, and enhancement update

Synopsis

Moderate: GNOME security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNOME is the default desktop environment of Red Hat Enterprise Linux.

Security Fix(es):

• libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames (CVE-2018-12910)
  
• poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service (CVE-2017-18267)
  
• libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c (CVE-2018-10733)
  
• libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c (CVE-2018-10767)
  
• poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF (CVE-2018-10768)
  
• poppler: out of bounds read in pdfunite (CVE-2018-13988)
  

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank chenyuan (NESA Lab) for reporting CVE-2018-10733 and CVE-2018-10767 and Hosein Askari for reporting CVE-2018-13988.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

GDM must be restarted for this update to take effect. The X server must be restarted (log out, then log back in) for this update to take effect. The GNOME session must be restarted (log out, then log back in) for this update to take effect. All running instances of Evolution must be restarted for this update to take effect.

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for IBM z Systems 7 s390x
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for ARM 64 7 aarch64
• Red Hat Enterprise Linux for Power 9 7 ppc64le
• Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

• BZ - 1309776 - [abrt] gvfs-mtp: sync_transfer_wait_for_completion(): gvfsd-mtp killed by SIGSEGV
• BZ - 1347188 - [abrt] [faf] gnome-shell: gray_record_cell(): /usr/bin/gnome-shell killed by 11
• BZ - 1396775 - Cover art placeholder visible when viewing disabled.
• BZ - 1415697 - No authentication dialog for samba printers
• BZ - 1423374 - gnome-shell crashes with signal 11 due to NULL value passed to _clutter_input_device_reset_scroll_info()
• BZ - 1451211 - File conflicts when updating totem
• BZ - 1473167 - There is a NULL pointer dereference in gxps-archive.c in libgxps library .
• BZ - 1484094 - fontconfig-2.10.95-11.el7 pulls random fonts as a dependency
• BZ - 1486064 - gsd selects incorrect backlight on some DRM PRIME configurations
• BZ - 1491720 - reproducer: failed assertion by input through a pipe and then sudo to: accounts-daemon
• BZ - 1497303 - X no longer activates hotplugged monitors if started without one
• BZ - 1501989 - Need to be able to have different language keyboard layout as the first priority on gdm login screen
• BZ - 1502788 - gdkscreen-x11: Don't try to calculate a refresh rate when the XRRModeInfo doesn't have one
• BZ - 1503624 - webkitgtk4: Crash on Google login page when a11y is active
• BZ - 1504129 - Request for Evolution 3.28 series (latest stable)
• BZ - 1507892 - bad post install scripts
• BZ - 1511454 - Inconsistent shell version shown on multiple places
• BZ - 1514182 - the system menu shows a blank space in the VPN item
• BZ - 1520936 - Unable to authenticate using Kerberos without krb5-auth-dialog package
• BZ - 1521077 - Input of '?', 'ä', 'ö', 'ü', etc with Gnome OSK
• BZ - 1524375 - bashism in /etc/profile.d/flatpak.sh
• BZ - 1541180 - [RFE] Applications with similar icons and names are indistinguishable in the Activities Overview
• BZ - 1542702 - Unexpanded rpm macro in gdm scripts
• BZ - 1559001 - rebase to latest stable version
• BZ - 1567040 - GNOME Tweak Tool still enables user to select scaling factor
• BZ - 1567131 - Rebase adwaita-icon-theme to 3.28.0
• BZ - 1567135 - Rebase at-spi2-atk to 2.26.2
• BZ - 1567145 - Rebase at-spi2-core to 2.28.0
• BZ - 1567158 - Rebase atk to 2.28.1
• BZ - 1567161 - Rebase baobab to 3.28.0
• BZ - 1567170 - Rebase cheese to 3.28.0
• BZ - 1567179 - Rebase control-center to 3.28.1
• BZ - 1567184 - Rebase dconf to 0.28.0
• BZ - 1567185 - Rebase eog to 3.28.1
• BZ - 1567186 - Rebase evince to 3.28.0
• BZ - 1567187 - Rebase file-roller to 3.28.0
• BZ - 1567199 - Rebase gcr to 3.28.0
• BZ - 1567200 - Rebase gdm to 3.28.1
• BZ - 1567311 - Rebase gedit to 3.28.1
• BZ - 1567313 - Rebase geocode-glib to 3.26.0
• BZ - 1567325 - Rebase gjs to 1.52.1
• BZ - 1567374 - Rebase glib-networking to 2.56.0
• BZ - 1567375 - Rebase glib2 to 2.56.1
• BZ - 1567380 - Rebase glibmm24 to 2.54.1
• BZ - 1567381 - Rebase gnome-bluetooth to 3.28.1
• BZ - 1567399 - Rebase gnome-boxes to 3.28.5
• BZ - 1567475 - Rebase gnome-calculator to 3.28.1
• BZ - 1567476 - Rebase gnome-clocks to 3.28.0
• BZ - 1567477 - Rebase gnome-color-manager to 3.28.0
• BZ - 1567478 - Rebase gnome-contacts to 3.28.0
• BZ - 1567479 - Rebase gnome-desktop to 3.28.0
• BZ - 1568169 - Rebase gnome-dicitionary to 3.26.1
• BZ - 1568170 - Rebase gnome-disk-utility to 3.28.1
• BZ - 1568171 - Rebase gnome-documents to 3.28.0
• BZ - 1568172 - Rebase gnome-font-viewer to 3.28.0
• BZ - 1568174 - Rebase gnome-getting-started-docs to 3.28.1
• BZ - 1568175 - Rebase gnome-initial-setup to 3.28.0
• BZ - 1568176 - Rebase gnome-keyring to 3.28.0.2
• BZ - 1568177 - Rebase gnome-online-accounts to 3.28.0
• BZ - 1568229 - Rebase gnome-online-miners to 3.26.0
• BZ - 1568232 - Rebase gnome-packagekit to 3.28.0
• BZ - 1568233 - Rebase gnome-screenshot to 3.26.0
• BZ - 1568618 - exiv2-libs in RHEL 7.5 not backwards compatible with earlier RHEL 7
• BZ - 1568620 - Rebase gnome-session to 3.28.1
• BZ - 1568621 - Rebase gnome-settings-daemon to 3.28.1
• BZ - 1568624 - Rebase gnome-shell to 3.28.0
• BZ - 1568625 - Rebase gnome-software to 3.28.1
• BZ - 1568626 - Rebase gnome-system-monitor to 3.28.1
• BZ - 1568632 - Rebase gnome-terminal to 3.28.2
• BZ - 1568633 - Rebase gnome-themes-standard to 3.27.90
• BZ - 1568638 - Rebase gnome-tweak-tool to 3.28.0
• BZ - 1568968 - fc-cache in multilib does not create 32bit cache files
• BZ - 1569268 - Rebase gnome-user-docs to 3.28.1
• BZ - 1569272 - Rebase gobject-introspection to 1.56.1
• BZ - 1569273 - Rebase gsettings-desktop-schemas to 3.28.0
• BZ - 1569277 - Rebase gspell to 1.6,1
• BZ - 1569278 - Rebase gtksourceview3 to 3.24.7
• BZ - 1569279 - Rebase gucharmap to 10.0.4
• BZ - 1569281 - Rebase gvfs to 1.36.1
• BZ - 1569284 - Rebase json-glib to 1.4.2
• BZ - 1569285 - Rebase libgee to 0.20.1
• BZ - 1569288 - Rebase libgepup to 0.5.3
• BZ - 1569289 - Rebase libgnomekbd to 3.26.0
• BZ - 1569294 - Rebase libgtop2 to 2.38.0
• BZ - 1569295 - Rebase libgweather to 3.28.1
• BZ - 1569717 - Rebase gnome-shell-extensions to 3.28.0
• BZ - 1569718 - Rebase dconf-editor to 3.28.0
• BZ - 1569719 - Rebase devhelp to 3.28.1
• BZ - 1569721 - Rebase gedit-plugins to 3.28.1
• BZ - 1569723 - Rebase glade to 3.22.1
• BZ - 1569727 - Rebase gnome-backgrounds to 3.28.0
• BZ - 1569728 - Rebase gnome-devel-docs to 3.28.0
• BZ - 1569730 - Rebase gnote to 3.28.0
• BZ - 1569731 - Rebase libgxps to 0.3.0
• BZ - 1569732 - Rebase libpeas to 1.22.0
• BZ - 1569733 - Rebase librsvg2 to 2.40.20
• BZ - 1569734 - Rebase libsoup to 2.62.1
• BZ - 1569735 - Rebase libwnck3 to 3.24.1
• BZ - 1569736 - Rebase mutter to 3.28.0
• BZ - 1569738 - Rebase nautilus to 3.28.1
• BZ - 1569748 - Rebase pango to 1.42.1
• BZ - 1569757 - Rebase pyatspi to 2.26.0
• BZ - 1569784 - Rebase seahorse-nautilus to 3.11.92
• BZ - 1569785 - Rebase shotwell to 0.28.2
• BZ - 1569786 - Rebase sushi to 3.24.0
• BZ - 1569787 - Rebase totem to 3.26.1
• BZ - 1569789 - Rebase totem-pl-parser to 3.26.0
• BZ - 1569794 - Rebase vala to 0.40.3
• BZ - 1569801 - Rebase vte291 to 0.52.1
• BZ - 1569802 - Rebase yelp to 3.28.1
• BZ - 1569805 - Rebase yelp-tools to 3.28.0
• BZ - 1569806 - Rebase yelp-xsl to 3.28.0
• BZ - 1569809 - Rebase zenity to 3.28.1
• BZ - 1569810 - Rebase brasero to 3.12.2
• BZ - 1569811 - Rebase clutter-gst3 to 3.0.26
• BZ - 1569812 - Rebase empathy to 3.12.13
• BZ - 1569814 - Rebase folks to 0.11.4
• BZ - 1569815 - Rebase gdk-pixbuf2 to 2.36.12
• BZ - 1569961 - Rebase gom to 0.3.3
• BZ - 1569962 - Rebase grilo to 0.3.4
• BZ - 1569963 - Rebase grilo-plugins to 0.3.4
• BZ - 1569965 - Rebase gssdp to 1.0.2
• BZ - 1569971 - Rebase gtk-doc to 1.28
• BZ - 1569975 - Rebase gtk3 to 3.22.30
• BZ - 1569980 - Rebase gupnp to 1.0.2
• BZ - 1569988 - Rebase gupnp-igd to 0.2.5
• BZ - 1569989 - Rebase libchamplain to 0.12.16
• BZ - 1569991 - Rebase libcroco to 0.6.12
• BZ - 1570004 - Rebase libgdata to 0.17.9
• BZ - 1570008 - Rebase libgexiv2 to 0.10.8
• BZ - 1570009 - Rebase libmediaart to 1.9.4
• BZ - 1570013 - Rebase libsecret to 0.18.6
• BZ - 1570015 - Rebase nautilus-sendto to 3.8.6
• BZ - 1570023 - Rebase rest to 0.8.1
• BZ - 1570024 - Rebase rhythmbox to 3.4.2
• BZ - 1570025 - Rebase libappstream-glib to 0.7.8
• BZ - 1570028 - Rebase fwupd to 1.0.6
• BZ - 1570030 - Rebase flatpak to 1.0.x
• BZ - 1570031 - Rebase appstream-data
• BZ - 1570032 - Rebase fwupdate to 12
• BZ - 1570569 - dconf database corrupted with no error messages
• BZ - 1571422 - KVM is no longer responding to mouse & keyboard after lock/unlock
• BZ - 1573622 - dash to dock broken in 7.5
• BZ - 1574844 - Heap Buffer Overflow in ft_font_face_hash of gxps-fonts.c
• BZ - 1575188 - Stack Buffer Overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c
• BZ - 1575495 - Rebase evolution-data-server to 3.28.x
• BZ - 1575499 - Rebase evolution-ews to 3.28.x
• BZ - 1575500 - Rebase evolution-mapi to 3.28.x
• BZ - 1576111 - CVE-2018-10733 libgxps: heap based buffer over read in ft_font_face_hash function of gxps-fonts.c
• BZ - 1576169 - CVE-2018-10768 poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF
• BZ - 1576175 - CVE-2018-10767 libgxps: Stack-based buffer overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c
• BZ - 1576494 - Rebase PackageKit to 1.1.10
• BZ - 1576501 - rebase fontconfig to 2.13.0
• BZ - 1576504 - Rebase freetype to 2.8
• BZ - 1576535 - Rebase cairo to 1.15.12
• BZ - 1576536 - Rebase harfbuzz to 1.7.5
• BZ - 1576537 - Rebase fribidi to 1.0.2
• BZ - 1576538 - Rebase accountsservice to 0.6.48
• BZ - 1576541 - Rebase geoclue2 to 2.4.8
• BZ - 1576544 - Rebase webkitgtk4 to 2.20.2
• BZ - 1578777 - CVE-2017-18267 poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service
• BZ - 1580577 - Vino binds to all interfaces when network interface configuration is invalid
• BZ - 1581308 - port fix for 1510089 to 7.4.z
• BZ - 1581454 - mutter crash
• BZ - 1584245 - Rebase upower to 0.99.7
• BZ - 1584263 - Rebase libosinfo to 1.1.0
• BZ - 1584266 - Rebase libgovirt to 0.3.4
• BZ - 1584655 - Rebase libical to 3.x version
• BZ - 1585230 - mutter overrides xorg.conf
• BZ - 1590537 - Race between gnome-pty-helper and VteTerminal leads to a defunct child process
• BZ - 1590848 - tweak tool fails to start
• BZ - 1591614 - missing "GNOME on Wayland' option
• BZ - 1591638 - WebKitWebProcess crashes when a11y is active
• BZ - 1591792 - Can't "Compress..." with nautilus-3.26.3.1-2.el7
• BZ - 1592809 - missing source entries in search results
• BZ - 1593215 - 'org.gnome.SettingsDaemon.DiskUtilityNotify.desktop' failed to register before timeout
• BZ - 1593244 - evince prints "GLib-CRITICAL **: g_variant_new_string: assertion 'string != NULL' failed" while entering presentation mode
• BZ - 1593356 - systemd-udevd complains about invalid key/value pair in 61-gdm.rules
• BZ - 1593782 - gnome-shell crash after mutter update
• BZ - 1594725 - Fails to modify meeting component
• BZ - 1594814 - GDM killed by SIGABRT after login
• BZ - 1594880 - Missing icon for thunderbolt
• BZ - 1596735 - accountsservice system account misclassification
• BZ - 1597339 - User session is terminated after User Switch
• BZ - 1597350 - Switch User is missing in System Menu
• BZ - 1597353 - Settings schema 'org.gnome.settings-daemon.plugins.account' is not installed
• BZ - 1597764 - adwaita-lock.jpg is missing
• BZ - 1597860 - Evince is sometimes rendered incorrectly and cannot be controlled
• BZ - 1597980 - CVE-2018-12910 libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames
• BZ - 1599841 - corrupt application icon in gnome classic theme
• BZ - 1600079 - Wrong entry in secure log when user login Description
• BZ - 1600560 - gnome-session-xsession ships gnome-session-custom-session xsession file
• BZ - 1601598 - gdm upgrade problem
• BZ - 1602838 - CVE-2018-13988 poppler: out of bounds read in pdfunite
• BZ - 1608936 - Garbage collector complains during shutdown
• BZ - 1610324 - Rebuild openchange against updated samba
• BZ - 1611565 - Crash on right-click on local collection
• BZ - 1612983 - Keyboard disfunction on gnome screen
• BZ - 1613813 - [abrt] [faf] Crash under config_lookup_thread() at e-config-lookup.c:179
• BZ - 1616185 - meson: Loss of -pie compared to traditional builds [rhel-7]
• BZ - 1624842 - multilib regression in json-glib
• BZ - 1625700 - On screen keyboard not visible to access with gtk apps
• BZ - 1625906 - [RHEl7.6] google-noto-emoji fonts doesn't input color emoji
• BZ - 1626104 - Obsolete gnome-shell-browser-plugin
• BZ - 1628587 - include default lock screen background to redhat-logos
• BZ - 1633828 - Add missing Obsoletes for evolution-mapi-devel subpackage

CVEs

• CVE-2017-18267
• CVE-2018-10733
• CVE-2018-10767
• CVE-2018-10768
• CVE-2018-12910
• CVE-2018-13988

References

• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index