{"id":"SUSE-RU-2020:14304-1","summary":"Recommended update for permissions","details":"This update for permissions fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2020-8013: Fixed a missing symlink check. Do not follow symlinks that are the final path element (bsc#1163922).\n- Fixed a regression where chkstat broke when /proc was not available (bsc#1160764, bsc#1160594).\n","modified":"2026-02-04T04:32:04.287121Z","published":"2020-02-28T14:54:28Z","related":["CVE-2020-8013"],"upstream":["CVE-2020-8013"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement//suse-ru-202014304-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160594"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160764"},{"type":"REPORT","url":"https://bugzilla.suse.com/1163922"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-8013"}],"affected":[{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2013.1.7-0.6.12.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"2013.1.7-0.6.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:14304-1.json"}},{"package":{"name":"permissions","ecosystem":"SUSE:Linux Enterprise Server 11 SP4-LTSS","purl":"pkg:rpm/suse/permissions&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2013.1.7-0.6.12.1"}]}],"ecosystem_specific":{"binaries":[{"permissions":"2013.1.7-0.6.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:14304-1.json"}}],"schema_version":"1.7.3"}