File _patchinfo of Package patchinfo.13957

<patchinfo incident="13957">
  <issue tracker="cve" id="2019-3696"/>
  <issue tracker="cve" id="2019-3695"/>
  <issue tracker="bnc" id="1152763">VUL-0: EMBARGOED: CVE-2019-3695: pcp: LPE from pcp user to root in %post</issue>
  <issue tracker="bnc" id="1153921">VUL-0: EMBARGOED: CVE-2019-3696: pcp: LPE through migrate_tempdirs</issue>
  <issue tracker="bnc" id="1129991">SLES15 SP1 RC1 - pcp2csv command fails with 'undefined symbol: pmiDump'</issue>
  <packager>dmdiss</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for pcp</summary>
  <description>This update for pcp fixes the following issues:

Security issue fixed:

- CVE-2019-3696: Fixed a local privilege escalation in migrate_tempdirs() (bsc#1153921).
- CVE-2019-3695: Fixed a local privilege escalation of the pcp user during package update (bsc#1152763).

Non-security issue fixed:

- Fixed an dependency issue with pcp2csv (bsc#1129991).
</description>
</patchinfo>