Oval Definition:oval:org.opensuse.security:def:102350
Revision Date:2022-04-19Version:1
Title:Security update for icedtea-web (Important)
Description:

This update for icedtea-web fixes the following issues:

- CVE-2019-10181: Fixed an issue where an attacker could inject unsigned code in a signed JAR file (bsc#1142835). - CVE-2019-10182: Fixed a path traversal issue where an attacker could upload arbritrary files by tricking a victim into running a specially crafted application(bsc#1142825). - CVE-2019-10185: Fixed an issue where an attacker could write files to arbitrary locations during JAR auto-extraction (bsc#1142832).
Family:unixClass:patch
Status:Reference(s):1047233
1065729
1113295
1142825
1142832
1142835
1152472
1152489
1153274
1154353
1155518
1156256
1156395
1159280
1160634
1167574
1167773
1168777
1169514
1169709
1171295
1173485
1175995
1177326
1178163
1178181
1178330
1179454
1180197
1180980
1181383
1181507
1181674
1181862
1182011
1182077
1182485
1182552
1182574
1182591
1182595
1182715
1182716
1182717
1182770
1182989
1183015
1183018
1183022
1183023
1183048
1183252
1183277
1183278
1183279
1183280
1183281
1183282
1183283
1183284
1183285
1183286
1183287
1183288
1183366
1183369
1183386
1183405
1183412
1183416
1183427
1183428
1183445
1183447
1183501
1183509
1183530
1183534
1183540
1183593
1183596
1183598
1183637
1183646
1183662
1183686
1183692
1183696
1183750
1183757
1183775
1183843
1183859
1183871
1184074
1184120
1184167
1184168
1184170
1184176
1184192
1184193
1184194
1184196
1184198
1184211
1184217
1184218
1184219
1184220
1184224
1184388
1184391
1184393
1184485
1184509
1184511
1184512
1184514
1184583
1184585
1184647
CVE-2019-10181
CVE-2019-10182
CVE-2019-10185
CVE-2019-18814
CVE-2019-19769
CVE-2020-25670
CVE-2020-25671
CVE-2020-25672
CVE-2020-25673
CVE-2020-27170
CVE-2020-27171
CVE-2020-27815
CVE-2020-35519
CVE-2020-36310
CVE-2020-36311
CVE-2020-36312
CVE-2020-36322
CVE-2021-27363
CVE-2021-27364
CVE-2021-27365
CVE-2021-28038
CVE-2021-28375
CVE-2021-28660
CVE-2021-28688
CVE-2021-28950
CVE-2021-28964
CVE-2021-28971
CVE-2021-28972
CVE-2021-29154
CVE-2021-29264
CVE-2021-29265
CVE-2021-29647
CVE-2021-30002
CVE-2021-3428
CVE-2021-3444
CVE-2021-3483
SUSE-SU-2021:1238-1
SUSE-SU-2022:1259-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Workstation Extension 15 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND Package Information
  • kernel-default-livepatch-5.3.18-24.61.1 is installed
  • OR kernel-default-livepatch-devel-5.3.18-24.61.1 is installed
  • OR kernel-livepatch-5_3_18-24_61-default-1-5.3.4 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
  • AND icedtea-web-1.7.2-150100.7.3.1 is installed
    • BACK