Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Moderate: GNOME security, bug fix, and enhancement update

Related Vulnerabilities: CVE-2019-3820   CVE-2019-3820   CVE-2019-3820  

Source

Synopsis

Moderate: GNOME security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update for GNOME is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNOME is the default desktop environment of Red Hat Enterprise Linux.

Security Fix(es):

  • gnome-shell: partial lock screen bypass (CVE-2019-3820)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1421231 - error in default configurations: Cd-WARNING **: failed to get session [pid 1408]: Unknown error -2
  • BZ - 1474305 - Tracker-extract gives permission denied error in log file
  • BZ - 1506370 - [RFE] disable show text in GDM login screen/lock screen
  • BZ - 1547158 - postsession script not executed on reboot/shutdown
  • BZ - 1556776 - Name "org.gnome.Mutter.DisplayConfig" does not exist
  • BZ - 1556800 - libcanberra-login-sound.desktop: Failed to play sound: File or data not found
  • BZ - 1583836 - Not able to unlock Gnome screen with SmartCard using Coolkey
  • BZ - 1607839 - Invisible panel is made visible on click between Setting and Toggle button
  • BZ - 1624461 - gnome-shell crashes in meta_window_get_monitor, processing an unmanaged window
  • BZ - 1630686 - Window title bar shows garbled characters
  • BZ - 1632904 - On screen keyboard not visible to access with gtk apps
  • BZ - 1638727 - gnome-shell crashed with SIGSEGV in meta_monitor_mode_get_resolution()
  • BZ - 1646345 - tracker-miner-fs killed by SIGABRT when connected from remote machine with XDMCP
  • BZ - 1657887 - mouse buttons stop responding after rapid input
  • BZ - 1669391 - CVE-2019-3820 gnome-shell: partial lock screen bypass
  • BZ - 1672289 - gnome-control-center thunderbolt-cc-panel-WARNING Could not create client Error calling StartServiceByName for org.freedesktop.bolt: GDBus.Error:org.freedesktop.systemd1.UnitMasked: Unit is masked. Memory fault(coredump)
  • BZ - 1674534 - Rebase to 3.28.2
  • BZ - 1678448 - Invalid syntax in /usr/share/applications/org.gnome.font-viewer.desktop [RHEL 7]
  • BZ - 1687745 - Java windows that have a preferred width larger than Short.MAX_VALUE are not properly displayed in RHEL7
  • BZ - 1691197 - 'Error setting up rfkill: Could not open RFKILL control device, please verify your installation' output in message.
  • BZ - 1691474 - Network icon missing in gnome-shell
  • BZ - 1702417 - ctrl,alt keys and arrow keys missing on virtual keyboard
  • BZ - 1720286 - A more traditional workspace switcher for classic mode
  • BZ - 1721562 - daemon: ensure cache files for system users are processed
  • BZ - 1723283 - nautlus should not require brasero-nautilus on ppc64 and s390x
  • BZ - 1728761 - Keyboard and mouse are unresponsive after ~45 days of uptime
  • BZ - 1737367 - Update to latest upstream release
  • BZ - 1737369 - Add 7.8 to the osinfo-db which will be used on 7.8
  • BZ - 1737515 - Abnormally high CPU usage when dragging windows, cursor movement, and applications that cause frequent redraw events
  • BZ - 1741274 - Rebase to 0.19.4
  • BZ - 1743913 - gnome-shell crashes with signal 11
  • BZ - 1749325 - systemd-udevd: failed to execute '/usr/libexec/gdm-disable-wayland' '/usr/libexec/gdm-disable-wayland': No such file or directory
  • BZ - 1750807 - Fedora/RHEL/CentOS JeOS kickstart files for unattended installation are broken
  • BZ - 1752357 - Workspace switcher jumps on secondary display unexpectedly
  • BZ - 1752367 - Type to search entry doesn't show typed letters
  • BZ - 1752378 - Invalid read under idle_monitor_dispatch_timeout()
  • BZ - 1752547 - gnome-shell crashes in tcl/tk saveAs dialog when the user clicks cancel
  • BZ - 1753799 - Unresponsive Gnome Due To JavaScript Errors in RHEL 7.7
  • BZ - 1766501 - Backport performance improvements to gnome-shell in rhel-7.8
  • BZ - 1772896 - Login screen shows dots when entering username
  • BZ - 1778270 - Fix horizontal-workspaces extension in non-classic session
  • BZ - 1789491 - Extensions panel is empty

CVEs

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started