Oval Definition:oval:org.opensuse.security:def:100759
Revision Date:2022-03-04Version:1
Title: (Moderate)
Description:

This security update for libeconf, shadow and util-linux fix the following issues:

libeconf:

- Add libeconf to SLE-Module-Basesystem_15-SP3 because needed by 'util-linux' and 'shadow' to fix autoyast handling of security related parameters (bsc#1192954, jsc#SLE-23384, jsc#SLE-23402)

Issues fixed in libeconf: - Reading numbers with different bases (e.g. oktal) (bsc#1193632) (#157) - Fixed different issues while writing string values to file. - Writing comments to file too. - Fixed crash while merging values. - Added econftool cat option (#146) - new API call: econf_readDirsHistory (showing ALL locations) - new API call: econf_getPath (absolute path of the configuration file) - Man pages libeconf.3 and econftool.8. - Handling multiline strings. - Added libeconf_ext which returns more information like line_nr, comments, path of the configuration file,... - Econftool, an command line interface for handling configuration files. - Generating HTML API documentation with doxygen. - Improving error handling and semantic file check. - Joining entries with the same key to one single entry if env variable ECONF_JOIN_SAME_ENTRIES has been set.

shadow:

- The legacy code does not support /etc/login.defs.d used by YaST. Enable libeconf to read it (bsc#1192954, jsc#SLE-23384, jsc#SLE-23402)

util-linux:

- The legacy code does not support /etc/login.defs.d used by YaST. Enable libeconf to read it (bsc#1192954, jsc#SLE-23384, jsc#SLE-23402) - Allow use of larger values for start sector to prevent `blockdev --report` aborting (bsc#1188507) - Fixed `blockdev --report` using non-space characters as a field separator (bsc#1188507) - CVE-2021-3995: Fixed unauthorized unmount in util-linux's libmount. (bsc#1194976) - CVE-2021-3996: Fixed unauthorized unmount in util-linux's libmount. (bsc#1194976)
Family:unixClass:patch
Status:Reference(s):1188507
1192954
1193632
1194976
CVE-2011-4349
CVE-2021-3995
CVE-2021-3996
Platform(s):Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • libcolord-gtk-devel-0.1.26-1.48 is installed
  • OR libcolord-gtk1-0.1.26-1.48 is installed
  • OR typelib-1_0-ColordGtk-1_0-0.1.26-1.48 is installed
  • Definition Synopsis
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE is installed
  • AND Package Information
  • libblkid1-2.36.2-150300.4.14.3 is installed
  • OR libeconf0-0.4.4+git20220104.962774f-150300.3.6.2 is installed
  • OR libfdisk1-2.36.2-150300.4.14.3 is installed
  • OR libmount1-2.36.2-150300.4.14.3 is installed
  • OR libsmartcols1-2.36.2-150300.4.14.3 is installed
  • OR libuuid1-2.36.2-150300.4.14.3 is installed
  • OR login_defs-4.8.1-150300.4.3.8 is installed
  • OR shadow-4.8.1-150300.4.3.8 is installed
  • OR util-linux-2.36.2-150300.4.14.3 is installed
  • OR util-linux-systemd-2.36.2-150300.4.14.2 is installed
  • BACK