OVAL Reference oval:org.opensuse.security:def:1508

Oval Definition:

oval:org.opensuse.security:def:1508

Revision Date:	2022-04-19	Version:	1
Title:	Security update for icedtea-web (Important)
Description:	This update for icedtea-web fixes the following issues: - CVE-2019-10181: Fixed an issue where an attacker could inject unsigned code in a signed JAR file (bsc#1142835). - CVE-2019-10182: Fixed a path traversal issue where an attacker could upload arbritrary files by tricking a victim into running a specially crafted application(bsc#1142825). - CVE-2019-10185: Fixed an issue where an attacker could write files to arbitrary locations during JAR auto-extraction (bsc#1142832).
Family:	unix	Class:	patch
Status:		Reference(s):	1084671 1092920 1106383 1133495 1142825 1142832 1142835 1151377 1154256 1155207 1155574 1156213 1156482 1158485 1159814 1161436 1162108 CVE-2014-3158 CVE-2015-3310 CVE-2017-5884 CVE-2017-5885 CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 CVE-2019-20386 CVE-2019-20386 CVE-2020-1712 CVE-2020-1712 SUSE-SU-2020:0335-1 SUSE-SU-2022:1259-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for CAP 15 SP1 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Package Hub 15 SP3 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND radvd-1.9.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information ppp-2.4.7-3.28 is installed OR ppp-devel-2.4.7-3.28 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libsystemd0-234-24.39 is installed OR libsystemd0-32bit-234-24.39 is installed OR libudev-devel-234-24.39 is installed OR libudev1-234-24.39 is installed OR libudev1-32bit-234-24.39 is installed OR systemd-234-24.39 is installed OR systemd-32bit-234-24.39 is installed OR systemd-bash-completion-234-24.39 is installed OR systemd-container-234-24.39 is installed OR systemd-coredump-234-24.39 is installed OR systemd-devel-234-24.39 is installed OR systemd-sysvinit-234-24.39 is installed OR udev-234-24.39 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libxslt-1.1.32-3.3 is installed OR libxslt-devel-1.1.32-3.3 is installed OR libxslt-tools-1.1.32-3.3 is installed OR libxslt1-1.1.32-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for CAP 15 SP1 is installed AND cf-cli-6.43.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 is installed AND Package Information containerd-1.2.5-5.13 is installed OR docker-18.09.6_ce-6.17 is installed OR docker-bash-completion-18.09.6_ce-6.17 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information fuse-overlayfs-0.4.1-3.3 is installed OR fuse3-3.6.1-3.3 is installed OR libfuse3-3-3.6.1-3.3 is installed OR podman-1.4.4-4.8 is installed OR podman-cni-config-1.4.4-4.8 is installed OR slirp4netns-0.3.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libmodplug-devel-0.3.9-3.3 is installed OR libmodplug1-0.3.9-3.3 is installed OR libopenmpt-0.3.9-3.3 is installed OR libopenmpt-devel-0.3.9-3.3 is installed OR libopenmpt0-0.3.9-3.3 is installed OR libopenmpt_modplug1-0.3.9-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libtag-devel-1.11.1-4.3 is installed OR libtag_c0-1.11.1-4.3 is installed OR taglib-1.11.1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information libsolv-0.6.35-3.5 is installed OR perl-solv-0.6.35-3.5 is installed OR python3-solv-0.6.35-3.5 is installed OR ruby-solv-0.6.35-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Package Hub 15 SP3 is installed AND Package Information icedtea-web-1.7.2-150100.7.3.1 is installed OR icedtea-web-javadoc-1.7.2-150100.7.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.14 is installed OR dlm-kmp-rt-4.12.14-14.14 is installed OR gfs2-kmp-rt-4.12.14-14.14 is installed OR kernel-devel-rt-4.12.14-14.14 is installed OR kernel-rt-4.12.14-14.14 is installed OR kernel-rt-base-4.12.14-14.14 is installed OR kernel-rt-devel-4.12.14-14.14 is installed OR kernel-rt_debug-4.12.14-14.14 is installed OR kernel-rt_debug-devel-4.12.14-14.14 is installed OR kernel-source-rt-4.12.14-14.14 is installed OR kernel-syms-rt-4.12.14-14.14 is installed OR ocfs2-kmp-rt-4.12.14-14.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information gtk-vnc-devel-0.7.2-1 is installed OR libgvncpulse-1_0-0-0.7.2-1 is installed OR typelib-1_0-GVnc-1_0-0.7.2-1 is installed OR typelib-1_0-GVncPulse-1_0-0.7.2-1 is installed OR typelib-1_0-GtkVnc-1_0-0.7.2-1 is installed OR typelib-1_0-GtkVnc-2_0-0.7.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libXext6-1.3.2-3 is installed OR libXext6-32bit-1.3.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libpulse-mainloop-glib0-5.0-2.7 is installed OR libpulse-mainloop-glib0-32bit-5.0-2.7 is installed OR libpulse0-5.0-2.7 is installed OR libpulse0-32bit-5.0-2.7 is installed OR pulseaudio-5.0-2.7 is installed OR pulseaudio-esound-compat-5.0-2.7 is installed OR pulseaudio-gdm-hooks-5.0-2.7 is installed OR pulseaudio-lang-5.0-2.7 is installed OR pulseaudio-module-x11-5.0-2.7 is installed OR pulseaudio-module-zeroconf-5.0-2.7 is installed OR pulseaudio-utils-5.0-2.7 is installed

BACK