Oval Definition:	oval:org.opensuse.security:def:100280
Revision Date: 2021-01-20 Version: 1 Title: (Important) Description: This update for xstream fixes the following issues: xstream was updated to version 1.4.15. - CVE-2020-26217: Fixed a remote code execution due to insecure XML deserialization when relying on blocklists (bsc#1180994). - CVE-2020-26258: Fixed a server-side request forgery vulnerability (bsc#1180146). - CVE-2020-26259: Fixed an arbitrary file deletion vulnerability (bsc#1180145). Family: unix Class: patch Status: Reference(s): 1162766 1162775 1162776 1162781 1162782 1162784 1180145 1180146 1180994 CVE-2019-15613 CVE-2019-15621 CVE-2019-15623 CVE-2019-15624 CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 CVE-2020-8118 CVE-2020-8119 openSUSE-SU-2020:0229-1 Platform(s): Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 SUSE Package Hub for SUSE Linux Enterprise 15 SP1 Product(s): Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed AND nextcloud-15.0.14-bp151.3.6.1 is installed Definition Synopsis Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM is installed AND xstream-1.4.15-3.3.2 is installed
BACK