Upstream information

CVE-2012-3466 at MITRE

Description

GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.38
Vector AV:L/AC:M/Au:N/C:P/I:P/A:P
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 775235 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • gnome-keyring >= 3.10.1-4.1
  • gnome-keyring-32bit >= 3.10.1-4.1
  • gnome-keyring-lang >= 3.10.1-4.1
  • gnome-keyring-pam >= 3.10.1-4.1
  • gnome-keyring-pam-32bit >= 3.10.1-4.1
  • libgck-modules-gnome-keyring >= 3.10.1-4.1
Patchnames:
SUSE Linux Enterprise Desktop 12 GA gnome-keyring
SUSE Linux Enterprise Desktop 12 SP1
  • gnome-keyring >= 3.10.1-11.1
  • gnome-keyring-32bit >= 3.10.1-11.1
  • gnome-keyring-lang >= 3.10.1-11.1
  • gnome-keyring-pam >= 3.10.1-11.1
  • gnome-keyring-pam-32bit >= 3.10.1-11.1
  • libgck-modules-gnome-keyring >= 3.10.1-11.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA gnome-keyring
SUSE Linux Enterprise Desktop 12 SP2
  • gnome-keyring >= 3.20.0-27.2
  • gnome-keyring-32bit >= 3.20.0-27.2
  • gnome-keyring-lang >= 3.20.0-27.2
  • gnome-keyring-pam >= 3.20.0-27.2
  • gnome-keyring-pam-32bit >= 3.20.0-27.2
  • libgck-modules-gnome-keyring >= 3.20.0-27.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA gnome-keyring
SUSE Linux Enterprise Server 12 SP2
  • gnome-keyring >= 3.20.0-27.2
  • gnome-keyring-32bit >= 3.20.0-27.2
  • gnome-keyring-lang >= 3.20.0-27.2
  • gnome-keyring-pam >= 3.20.0-27.2
  • gnome-keyring-pam-32bit >= 3.20.0-27.2
  • libgck-modules-gnome-keyring >= 3.20.0-27.2
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA gnome-keyring
openSUSE 13.2
  • gnome-keyring >= 3.14.0-1.1
  • gnome-keyring-32bit >= 3.14.0-1.1
  • gnome-keyring-pam >= 3.14.0-1.1
  • gnome-keyring-pam-32bit >= 3.14.0-1.1
  • libgck-modules-gnome-keyring >= 3.14.0-1.1
Patchnames:
openSUSE 13.2 GA gnome-keyring
openSUSE Leap 42.1
  • gnome-keyring >= 3.16.0-4.3
  • gnome-keyring-32bit >= 3.16.0-4.3
  • gnome-keyring-lang >= 3.16.0-4.3
  • gnome-keyring-pam >= 3.16.0-4.3
  • gnome-keyring-pam-32bit >= 3.16.0-4.3
  • libgck-modules-gnome-keyring >= 3.16.0-4.3
Patchnames:
openSUSE Leap 42.1 GA gnome-keyring
openSUSE Leap 42.2
  • gnome-keyring >= 3.20.0-3.1
  • gnome-keyring-32bit >= 3.20.0-3.1
  • gnome-keyring-lang >= 3.20.0-3.1
  • gnome-keyring-pam >= 3.20.0-3.1
  • gnome-keyring-pam-32bit >= 3.20.0-3.1
  • libgck-modules-gnome-keyring >= 3.20.0-3.1
Patchnames:
openSUSE Leap 42.2 GA gnome-keyring