Red Hat Security Advisory 2020-4264-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
7805f03df9c390692d08feead451abb3bf3b927c8c3392ce18ac74af42634150
Red Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
5fa2b0edd19c548995fa81b56ae17dd75bbbcf0b7a9fd43d5777ad177066c16a
Red Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.
95b6f149ed6564a7dba27bae8b6b98f52d801a1eb8ced363663ee391a124f69c
Red Hat Security Advisory 2020-3978-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus is an input method framework for multilingual input in Unix-like operating systems. Issues addressed include an improper authorization vulnerability.
9f8cb2f43abb3d2471b7b4e9313f38c01a7d953f41039370948b252d4b0dbbcc
Red Hat Security Advisory 2020-3194-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a man-in-the-middle vulnerability.
ab12a5414b74ae4ec0875438bd155092413bb637cd1033a63c83f8057805a037
Red Hat Security Advisory 2020-1880-01 - GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The Intelligent Input Bus is an input method framework for multilingual input in Unix-like operating systems. Issues addressed include an improper authorization vulnerability.
dcd9244e46b7464edb51858f84453edbd81ace5c46730cfafc16a82751d66c7e
Ubuntu Security Notice 4134-3 - USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. Various other issues were also addressed.
2bce0168c26fd6d896cf0cea3a7d16f22e6d4e0ffb39f1595761303cd15a138e
Debian Linux Security Advisory 4525-1 - Simon McVittie reported a flaw in ibus, the Intelligent Input Bus. Due to a misconfiguration during the setup of the DBus, any unprivileged user could monitor and send method calls to the ibus bus of another user, if able to discover the UNIX socket used by another user connected on a graphical environment. The attacker can take advantage of this flaw to intercept keystrokes of the victim user or modify input related configurations through DBus method calls.
31d489a5bebac71abdc3f0ab3fc8c5ed659bf01c8d9d73d9e23f3dd1dda2087d
Ubuntu Security Notice 4134-1 - Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.
ed92e9e046984937207054328dcbba793eb2ef62bdf1c54b81a17f9db3ef13c2