OVAL Reference oval:org.opensuse.security:def:202124032

Oval Definition:

oval:org.opensuse.security:def:202124032

Revision Date:	2022-09-02	Version:	1
Title:	CVE-2021-24032
Description:	Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	Mitre CVE-2021-24032 SUSE CVE-2021-24032 SUSE-CU-2021:178-1 SUSE-CU-2021:179-1 SUSE-CU-2021:180-1 SUSE-CU-2021:181-1 SUSE-CU-2021:182-1 SUSE-CU-2021:183-1 SUSE-CU-2021:184-1 SUSE-CU-2021:185-1 SUSE-CU-2021:186-1 SUSE-CU-2021:187-1 SUSE-CU-2021:188-1 SUSE-CU-2021:189-1 SUSE-CU-2021:190-1 SUSE-CU-2021:191-1 SUSE-CU-2021:192-1 SUSE-CU-2021:193-1 SUSE-CU-2021:194-1 SUSE-CU-2021:195-1 SUSE-CU-2021:196-1 SUSE-CU-2021:197-1 SUSE-CU-2021:201-1 SUSE-CU-2021:202-1 SUSE-CU-2021:203-1 SUSE-CU-2021:204-1 SUSE-CU-2021:205-1 SUSE-CU-2021:206-1 SUSE-CU-2021:207-1 SUSE-CU-2021:208-1 SUSE-CU-2021:209-1 SUSE-CU-2021:211-1 SUSE-CU-2021:212-1 SUSE-CU-2021:213-1 SUSE-CU-2021:214-1 SUSE-CU-2021:215-1 SUSE-CU-2021:216-1 SUSE-CU-2021:217-1 SUSE-CU-2021:218-1 SUSE-CU-2021:220-1 SUSE-CU-2021:221-1 SUSE-CU-2021:222-1 SUSE-CU-2021:223-1 SUSE-CU-2021:230-1 SUSE-CU-2021:231-1 SUSE-CU-2021:232-1 SUSE-CU-2021:233-1 SUSE-CU-2021:235-1 SUSE-CU-2021:236-1 SUSE-CU-2021:237-1 SUSE-CU-2021:238-1 SUSE-CU-2021:85-1 SUSE-CU-2021:86-1 SUSE-CU-2021:87-1 SUSE-CU-2021:93-1 SUSE-CU-2021:96-1 SUSE-CU-2021:97-1 SUSE-CU-2021:98-1 SUSE-CU-2021:99-1 SUSE-IU-2021:429-1 SUSE-IU-2021:430-1 SUSE-IU-2021:435-1 SUSE-SU-2021:0948-1 openSUSE-SU-2021:0481-1 SUSE-CU-2021:266-1 SUSE-CU-2021:267-1 SUSE-CU-2021:268-1 SUSE-CU-2021:269-1 SUSE-CU-2021:270-1 SUSE-CU-2021:271-1 SUSE-CU-2021:272-1 SUSE-CU-2021:273-1 SUSE-CU-2021:385-1 SUSE-CU-2021:386-1 SUSE-CU-2021:387-1 SUSE-CU-2021:388-1 SUSE-CU-2021:596-1 SUSE-IU-2021:605-1 SUSE-CU-2022:495-1 SUSE-CU-2022:63-1 SUSE-CU-2022:64-1 SUSE-CU-2022:65-1 SUSE-CU-2022:66-1 SUSE-CU-2022:67-1 SUSE-CU-2022:68-1 SUSE-CU-2022:69-1 SUSE-CU-2022:70-1 SUSE-CU-2022:71-1 SUSE-CU-2022:72-1 SUSE-CU-2022:73-1 SUSE-CU-2022:74-1 SUSE-CU-2022:75-1 SUSE-CU-2022:76-1 SUSE-CU-2022:77-1 SUSE-CU-2022:78-1 SUSE-CU-2022:79-1 SUSE-CU-2022:81-1 SUSE-CU-2022:82-1 SUSE-CU-2022:86-1 SUSE-CU-2022:88-1 SUSE-CU-2022:89-1 SUSE-CU-2022:90-1 SUSE-CU-2022:91-1 SUSE-CU-2022:92-1 SUSE-CU-2022:93-1 SUSE-CU-2022:94-1 SUSE-CU-2022:95-1 SUSE-CU-2022:96-1 SUSE-CU-2022:97-1 SUSE-CU-2022:98-1 SUSE-IU-2022:148-1 SUSE-IU-2022:149-1 SUSE-IU-2022:237-1 SUSE-IU-2022:49-1
Platform(s):	Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.3 SLE Imports SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.1 SUSE Manager Server 4.2	Product(s):
Definition Synopsis
openSUSE Leap 15.3 SLE Imports is installed AND Package Information libzstd-devel-1.4.4-1.6.1 is installed AND libzstd-devel is signed with openSUSE key OR libzstd-devel-static-1.4.4-1.6.1 is installed AND libzstd-devel-static is signed with openSUSE key OR libzstd1-1.4.4-1.6.1 is installed AND libzstd1 is signed with openSUSE key OR libzstd1-32bit-1.4.4-1.6.1 is installed AND libzstd1-32bit is signed with openSUSE key OR libzstd1-64bit-1.4.4-1.6.1 is installed AND libzstd1-64bit is signed with openSUSE key OR zstd-1.4.4-1.6.1 is installed AND zstd is signed with openSUSE key
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information libzstd-devel-1.4.4-lp152.2.3.1 is installed AND libzstd-devel is signed with openSUSE key OR libzstd-devel-static-1.4.4-lp152.2.3.1 is installed AND libzstd-devel-static is signed with openSUSE key OR libzstd1-1.4.4-lp152.2.3.1 is installed AND libzstd1 is signed with openSUSE key OR libzstd1-32bit-1.4.4-lp152.2.3.1 is installed AND libzstd1-32bit is signed with openSUSE key OR zstd-1.4.4-lp152.2.3.1 is installed AND zstd is signed with openSUSE key
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed OR Package Information SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed
Definition Synopsis
Release Information Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure is installed OR Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM is installed OR Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE is installed OR Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure is installed OR Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM is installed OR Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE is installed AND libzstd1-1.4.4-1.6.1 is installed OR Package Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND Package Information libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed
Definition Synopsis
Release Information Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure is installed OR Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM is installed OR Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE is installed OR Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure is installed OR Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM is installed OR Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE is installed AND libzstd1-1.4.4-1.6.1 is installed OR Package Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Storage 7 is installed OR SUSE Manager Proxy 4.1 is installed OR SUSE Manager Retail Branch Server 4.1 is installed OR SUSE Manager Server 4.1 is installed AND libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed
Definition Synopsis
SUSE Linux Enterprise Micro 5.0 is installed AND libzstd1-1.4.4-1.6.1 is installed
Definition Synopsis
openSUSE Leap 15.3 is installed AND Package Information libzstd1-1.4.4-1.6.1 is installed AND libzstd1 is signed with openSUSE key OR libzstd1-32bit-1.4.4-1.6.1 is installed AND libzstd1-32bit is signed with openSUSE key
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND Package Information libzstd-devel-1.4.4-1.6.1 is installed OR libzstd1-1.4.4-1.6.1 is installed OR libzstd1-32bit-1.4.4-1.6.1 is installed OR zstd-1.4.4-1.6.1 is installed

BACK