Oval Definition:oval:org.opensuse.security:def:202139360
Revision Date:2022-09-02Version:1
Title:CVE-2021-39360
Description:

In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-39360
SUSE CVE-2021-39360
Platform(s):openSUSE Tumbleweed
SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP3
SUSE Linux Enterprise Workstation Extension 15 SP4
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libzapojit-0_0-0-0.0.3-7.1 is installed
  • OR libzapojit-devel-0.0.3-7.1 is installed
  • OR typelib-1_0-Zpj-0_0-0.0.3-7.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND libzapojit is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
  • AND Package Information
  • libzapojit-0_0-0 is affected
  • OR typelib-1_0-Zpj-0_0 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND libzapojit is affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
  • AND
  • libzapojit-0_0-0 is affected
  • OR typelib-1_0-Zpj-0_0 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP4 is installed
  • AND Package Information
  • libzapojit-0_0-0-0.0.3-150400.13.8 is installed
  • OR typelib-1_0-Zpj-0_0-0.0.3-150400.13.8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed
  • AND Package Information
  • libzapojit-0_0-0 is affected
  • OR typelib-1_0-Zpj-0_0 is affected
    • BACK