SUSE Leap 15.1 Improper Privilege Management Vulnerability
Fixed a symlink attack which could allow to overwrite arbitrary data (boo#1157703).
The information has been provided by Vendor
The original article can be found at:http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp18.104.22.168.
SUSE Leap 15.1