{"id":"SUSE-RU-2020:0603-1","summary":"Recommended update for permissions","details":"This update for permissions fixes the following issues:\n\n- CVE-2020-8013: Fixed an improper check which could have allowed the \n  setting of unintented setuid bits (bsc#1163922).\n- Fixed handling of relative directory symlinks in chkstat.\n- Whitelisted postgres sticky directories (bsc#1123886).\n- Fixed regression where chkstat broke when /proc was not available\n  (bsc#1160764, bsc#1160594)\n- Fixed capability handling when doing multiple permission changes\n  at once (bsc#1161779)\n","modified":"2026-02-04T04:31:20.487490Z","published":"2020-03-06T10:01:04Z","related":["CVE-2020-8013"],"upstream":["CVE-2020-8013"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2020-603/suse-ru-20200603-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1123886"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160594"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160764"},{"type":"REPORT","url":"https://bugzilla.suse.com/1161779"},{"type":"REPORT","url":"https://bugzilla.suse.com/1163922"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-8013"}],"affected":[{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP4","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20170707-3.21.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"20170707-3.21.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:0603-1.json"}},{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Server 12 SP4","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20170707-3.21.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"20170707-3.21.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:0603-1.json"}},{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20170707-3.21.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"20170707-3.21.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:0603-1.json"}},{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20170707-3.21.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"20170707-3.21.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:0603-1.json"}},{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20170707-3.21.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"20170707-3.21.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:0603-1.json"}}],"schema_version":"1.7.3"}