OVAL Reference oval:org.opensuse.security:def:1613

Oval Definition:

oval:org.opensuse.security:def:1613

Revision Date:	2021-06-11	Version:	1
Title:	Security update for squid (Important)
Description:	This update for squid fixes the following issues: - update to 4.15: - CVE-2021-28652: Broken cache manager URL parsing (bsc#1185918) - CVE-2021-28651: Memory leak in RFC 2169 response parsing (bsc#1185921) - CVE-2021-28662: Limit HeaderLookupTable_t::lookup() to BadHdr and specific IDs (bsc#1185919) - CVE-2021-31806: Handle more Range requests (bsc#1185916) - CVE-2020-25097: HTTP Request Smuggling vulnerability (bsc#1183436) - Handle more partial responses (bsc#1185923) - fix previous change to reinstante permissions macros, because the wrong path has been used (bsc#1171569). - use libexecdir instead of libdir to conform to recent changes in Factory (bsc#1171164). - Reinstate permissions macros for pinger binary, because the permissions package is also responsible for setting up the cap_net_raw capability, currently a fresh squid install doesn't get a capability bit at all (bsc#1171569). - Change pinger and basic_pam_auth helper to use standard permissions. pinger uses cap_net_raw=ep instead (bsc#1171569)
Family:	unix	Class:	patch
Status:		Reference(s):	1150733 1171164 1171569 1183436 1185916 1185918 1185919 1185921 1185923 CVE-2015-8605 CVE-2017-12678 CVE-2017-3144 CVE-2018-11439 CVE-2018-5732 CVE-2018-5733 CVE-2019-3689 CVE-2019-3689 CVE-2019-6470 CVE-2020-25097 CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 SUSE-SU-2019:2782-1 SUSE-SU-2021:1961-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.1 SUSE Manager Server 4.2	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information hplip-3.14.6-3 is installed OR hplip-hpijs-3.14.6-3 is installed OR hplip-sane-3.14.6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND Package Information libtag-devel-1.11.1-4.6.1 is installed OR libtag_c0-1.11.1-4.6.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.6 is installed OR dlm-kmp-default-4.12.14-25.6 is installed OR gfs2-kmp-default-4.12.14-25.6 is installed OR kernel-default-4.12.14-25.6 is installed OR ocfs2-kmp-default-4.12.14-25.6 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information cluster-md-kmp-default-4.12.14-197.21 is installed OR dlm-kmp-default-4.12.14-197.21 is installed OR gfs2-kmp-default-4.12.14-197.21 is installed OR kernel-default-4.12.14-197.21 is installed OR ocfs2-kmp-default-4.12.14-197.21 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND squid-4.15-5.26.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information nfs-client-2.1.1-10.4 is installed OR nfs-doc-2.1.1-10.4 is installed OR nfs-kernel-server-2.1.1-10.4 is installed OR nfs-utils-2.1.1-10.4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information typelib-1_0-JavaScriptCore-4_0-2.20.5-3.8 is installed OR typelib-1_0-WebKit2-4_0-2.20.5-3.8 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.20.5-3.8 is installed OR webkit2gtk3-2.20.5-3.8 is installed OR webkit2gtk3-devel-2.20.5-3.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libtag-devel-1.11.1-4.3 is installed OR libtag_c0-1.11.1-4.3 is installed OR taglib-1.11.1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information crash-7.2.1-3.2 is installed OR crash-devel-7.2.1-3.2 is installed OR crash-kmp-default-7.2.1_k4.12.14_23-3.2 is installed OR lttng-modules-2.10.0-5.2 is installed OR lttng-modules-kmp-default-2.10.0_k4.12.14_23-5.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information python3-base-3.6.8-3.16 is installed OR python3-tools-3.6.8-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information kernel-default-4.12.14-25.25 is installed OR kernel-default-base-4.12.14-25.25 is installed OR kernel-docs-4.12.14-25.25 is installed OR kernel-docs-html-4.12.14-25.25 is installed OR kernel-obs-qa-4.12.14-25.25 is installed OR kselftests-kmp-default-4.12.14-25.25 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information sysstat-12.0.2-3.15 is installed OR sysstat-isag-12.0.2-3.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information dhcp-relay-4.3.5-6.3 is installed OR dhcp-server-4.3.5-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND jakarta-commons-fileupload-1.1.1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND p7zip-9.20.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information vino-3.20.2-5.8 is installed OR vino-lang-3.20.2-5.8 is installed

BACK