Synopsis
Low: GNOME security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for GNOME is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
GNOME is the default desktop environment of Red Hat Enterprise Linux.
Security Fix(es):
- evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459)
- gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
Affected Products
-
Red Hat Enterprise Linux for x86_64 8 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 8 s390x
-
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
-
Red Hat Enterprise Linux for ARM 64 8 aarch64
-
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
-
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
-
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Fixes
- BZ - 1662193 - [RFE] Read-Only lockdown for removable drives
- BZ - 1667136 - Backport rename support for desktop icons
- BZ - 1673011 - Appstream-data Needs refresh for RHEL 8
- BZ - 1674382 - Gnome session locks after login
- BZ - 1679127 - tweaks extensions status do not reflect reality
- BZ - 1680164 - gdm-screenshot doesn't work, we should drop it or fix it (or something)
- BZ - 1685811 - pango_fc_font_key_get_variations(key) causing crash when key is null
- BZ - 1687949 - [X11 Session] Pressing any Button on a Wacom Pen Tablet Buttons causes Core Dump
- BZ - 1690506 - [RHEL 8.1] mutter ignores multi-monitor layout defined in xorg.conf
- BZ - 1696708 - Rebase WebKitGTK to 2.24.2
- BZ - 1698520 - rebase gnome-shell to 3.32
- BZ - 1698884 - rebase mutter to 3.32
- BZ - 1698923 - rebase gjs to 3.32
- BZ - 1698929 - rebase gsd to 3.32
- BZ - 1698930 - rebase gsettings-desktop-schemas to 3.32
- BZ - 1704355 - Add an option to disable the hot corner
- BZ - 1704360 - A more traditional workspace switcher for classic mode
- BZ - 1704378 - Bring in disable-screenshield from RHEL7
- BZ - 1705583 - org.gnome.baobab.gschema.xml not valid against DTD
- BZ - 1706793 - circles wallpaper interfers with date and time on lockscreen
- BZ - 1709937 - Add "mount-removable-storage-devices-as-read-only" option
- BZ - 1713080 - [accountsservice] possible memory leak in Gnome
- BZ - 1713330 - Backport password override commit
- BZ - 1713453 - Rebase gnome-shell-extensions to 3.32
- BZ - 1713685 - Rebase wayland-protocols to 1.17
- BZ - 1715738 - right click on the top panel of applications does not open menu
- BZ - 1715761 - ugly default gnome-terminal font aftrer gsettings-desktop-schemas update
- BZ - 1715765 - topicons icons are to big
- BZ - 1716295 - CVE-2019-11459 evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail()
- BZ - 1716771 - Interacting with a wacom pen triggers gnome shell crashes
- BZ - 1718133 - control-center crashes when clicking on Map To Monitor
- BZ - 1719241 - rebase gnome-desktop3 to match the gnome-shell version
- BZ - 1719279 - JS ERROR: TypeError: this._workspacesViews[i] is undefined
- BZ - 1719779 - gnome-software shouldn't show the addon if the package isn't actually available in the repos
- BZ - 1720481 - few gnome-shell-extensions need to go to AppStream
- BZ - 1721195 - Applications Menu fails to replace Activities in gnome panel
- BZ - 1721575 - Tweaks are pointing to wrong extension page in gnome-software
- BZ - 1722047 - Activities and Applications Menu change position in panel randomly
- BZ - 1722844 - <super> shortcut to open window picker not working properly in classic X session
- BZ - 1723467 - Add window thumbnails to the classic workspace switcher
- BZ - 1723836 - New application menu button is not available through accessibility
- BZ - 1724551 - gnome-shell process eat 100% CPU after resume
- BZ - 1725101 - no link to website in about dialog
- BZ - 1725107 - no screenshot in software
- BZ - 1725120 - confusing names
- BZ - 1725555 - animation: fix unintentional loop while polkit dialog is active
- BZ - 1725741 - Reverting workspaces to primary display only not working
- BZ - 1725766 - No man page for nautilus-autorun-software
- BZ - 1725854 - [RFE] <esc> for closing the window picker
- BZ - 1726093 - window list in classic session is barely visible
- BZ - 1726505 - CVE-2019-12795 gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd
- BZ - 1726656 - top-bar: Drop ApplicationMenu tweak
- BZ - 1728277 - Update WebKitGTK to 2.24.3
- BZ - 1731372 - seems the latest gnome-shell-extensions update (-9) changed gnome classic notification color
- BZ - 1735382 - [abrt] [faf] gnome-shell: raise(): /usr/bin/gnome-shell killed by 6
- BZ - 1737326 - [abrt] [faf] gnome-shell: raise(): /usr/bin/gnome-shell killed by 5
- BZ - 1739116 - Cannot browse SMB shares from GNOME
- BZ - 1739117 - Hundreds of gvfsd-trash processes are spawned when user runs Xsession/Gnome after an NFS session failed
- BZ - 1741547 - [abrt] [faf] gnome-shell: meta_window_actor_show(): /usr/bin/gnome-shell killed by 11
CVEs
References
Vulmon