Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
openSUSE: Security Advisory for barrier (openSUSE-SU-2021:1498-1)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'barrier' package(s) announced via the openSUSE-SU-2021:1498-1 advisory.
Insight
Insight
This update for barrier fixes the following issues: Updated to version 2.4.0: Barrier now supports client identity verification (fixes CVE-2021-42072, CVE-2021-42073). Previously a malicious client could connect to Barrier server without any authentication and send application-level messages. This made the attack surface of Barrier significantly larger. Additionally, in case the malicious client got possession of a valid screen name by brute forcing or other means it could modify the clipboard contents of the server. To support seamless upgrades from older versions of Barrier this is currently disabled by default. The feature can be enabled in the settings dialog. If enabled, older clients of Barrier will be rejected. Barrier now uses SHA256 fingerprints for establishing security of encrypted SSL connections. After upgrading client to new version the existing server fingerprint will need to be approved again. Client and server will show both SHA1 and SHA256 server fingerprints to allow interoperability with older versions of Barrier. Bugfixes: * Fixed build failure on mips*el and riscv64 architecture. * Barrier no longer uses openssl CLI tool for any operations and hooks into the openssl library directly. * More X11 clipboard MIME types have been mapped to corresponding converters (#344). * Fixed setup of multiple actions associated with a hotkey. * Fixed setup of hotkeys with special characters such as comma and semicolon (#778). * Fixed transfer of non-ASCII characters coming from a Windows server in certain cases (#527). * Barrier will now regenerate server certificate if it' s invalid instead of failing to launch (#802) * Added support for additional keys on Sun Microsystems USB keyboards (#784). * Updated Chinese translation. * Updated Slovak translation. * Theme icons are now preferred to icons distributed together with Barrier (#471). Features: * Added --drop-target option that improves drag and drop support on Windows when Barrier is being run as a portable app. * The --enable-crypto command line option has been made the default to reduce chances of accidental security mishaps when configuring Barrier from command line. A new --disable-crypto command line option has been added to explicitly disable encryption. * Added support for randomart images for easier comparison of SSL certificate fingerprints. The algorithm is identica ... Description truncated. Please see the references for more information.
Affected Software
Affected Software
'barrier' package(s) on openSUSE Leap 15.2.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).