OVAL Reference oval:org.opensuse.security:def:20181000156

Oval Definition:

oval:org.opensuse.security:def:20181000156

Revision Date:	2023-06-22	Version:	1
Title:	CVE-2018-1000156
Description:	GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-1000156 SUSE-SU-2018:1128-1 SUSE-SU-2018:1162-1 openSUSE-SU-2018:1137-1 Mitre CVE-2018-1000156 SUSE CVE-2018-1000156 SUSE-SU-2018:1128-1 SUSE-SU-2018:1162-1 openSUSE-SU-2018:1137-1
Platform(s):	openSUSE Leap 42.3 openSUSE Tumbleweed SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.0 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.0 SUSE Manager Retail Branch Server 4.1 SUSE Manager Retail Branch Server 4.2 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.0 SUSE Manager Server 4.1 SUSE Manager Server 4.2 SUSE Manager Server 4.3 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND patch-2.5.9-252.22.7 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed AND patch-2.7.5-8.5 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND patch-2.5.9-252.22.7 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND patch-2.5.9-252.22.7 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information patch-2.7.5-9.3 is installed AND patch is signed with openSUSE key
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND patch-2.7.6-3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed AND patch-2.7.5-8.5 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3 is installed AND patch-2.7.5-8.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND patch-2.7.5-8.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Point of Sale 11 SP3 is installed OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND patch-2.5.9-252.22.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Development Tools 15 is installed AND patch-2.7.6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise High Performance Computing 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND patch-2.7.6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND patch-2.7.6-3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Module for Development Tools 15 is installed AND patch-2.7.6-3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed AND patch-2.7.5-8.5.1 is installed OR Package Information SUSE Linux Enterprise Desktop 12 SP2 is installed AND patch is affected OR Package Information SUSE Linux Enterprise Desktop 12 SP3 is installed AND patch-2.7.5-8.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information bosh-2021.09.01-44.2 is installed OR btcflash-2021.09.01-44.2 is installed OR cdda2wav-3.02~a10-44.2 is installed OR cdrecord-3.02~a10-44.2 is installed OR libcdrdeflt1_0-3.02~a10-44.2 is installed OR libdeflt1_0-2021.09.01-44.2 is installed OR libedc_ecc1_0-3.02~a10-44.2 is installed OR libedc_ecc_dec1_0-3.02~a10-44.2 is installed OR libfile1_0-2021.09.01-44.2 is installed OR libfind4_0-1.8-44.2 is installed OR libparanoia1_0-3.02~a10-44.2 is installed OR librmt-devel-doc-2021.09.01-44.2 is installed OR librmt1_0-2021.09.01-44.2 is installed OR librscg1_0-2021.09.01-44.2 is installed OR libscg-devel-2021.09.01-44.2 is installed OR libscg1_0-2021.09.01-44.2 is installed OR libscgcmd1_0-2021.09.01-44.2 is installed OR libschily-devel-2021.09.01-44.2 is installed OR libschily-devel-doc-2021.09.01-44.2 is installed OR libschily2_0-2021.09.01-44.2 is installed OR libxtermcap1_0-2021.09.01-44.2 is installed OR mkisofs-3.02~a10-44.2 is installed OR patch-2.7.6-3.43 is installed OR readcd-3.02~a10-44.2 is installed OR rscsi-2021.09.01-44.2 is installed OR sccs-2021.09.01-44.2 is installed OR schily-ctags-2021.09.01-44.2 is installed OR schily-mt-2021.09.01-44.2 is installed OR schily-rmt-2021.09.01-44.2 is installed OR smake-2021.09.01-44.2 is installed OR spax-1.6.1-44.2 is installed OR star-1.6.1-44.2 is installed OR ved-1.8-44.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Module for Development Tools 15 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed AND patch-2.5.9-252.22.7.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3-LTSS is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND patch-2.5.9-252.22.7.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND patch-2.5.9-252.22.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND patch is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed AND patch-2.7.5-8.5.1 is installed OR Package Information SUSE Linux Enterprise Server 12 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND patch is affected OR Package Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND patch-2.7.5-8.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP1 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed OR SUSE Linux Enterprise Server 15 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed OR SUSE Linux Enterprise Storage 6 is installed OR SUSE Manager Proxy 4.0 is installed OR SUSE Manager Retail Branch Server 4.0 is installed OR SUSE Manager Server 4.0 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND patch is affected OR Package Information SUSE Linux Enterprise Server 12 SP3 is installed AND patch-2.7.5-8.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND patch-2.7.5-8.5.1 is installed OR Package Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND patch is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.1 is installed OR SUSE Manager Server 4.2 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP4 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND patch-2.7.6-3.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed AND patch-2.7.5-8.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed AND patch-2.7.5-8.5.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND patch is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed AND patch-2.7.5-8.5.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed AND patch-2.7.5-8.5.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND patch is affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND patch-2.7.6-150000.5.3.1 is installed

BACK