Oval Definition:	oval:org.opensuse.security:def:2606
Revision Date: 2020-12-02 Version: 1 Title: Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (Important) Description: This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues: Security issues fixed: - CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967). - CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013). - CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897). - CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898). - CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899). Other changes and bug fixes: - Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068). - Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068). - Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068). - docker-test: Improvements to test packaging (bsc#1128746). - Move daemon.json file to /etc/docker directory (bsc#1114832). - Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209). - Fix go build failures (bsc#1121397). Family: unix Class: patch Status: Reference(s): 1071995 1079730 1098403 1107424 1111025 1114209 1114832 1118897 1118898 1118899 1119115 1121397 1121967 1123013 1128376 1128746 1129403 1134068 1134883 1135902 1136540 1136778 1138459 1139884 1139885 1139886 1140100 1140102 1140103 1140104 1140105 1140106 1140110 1140111 1140402 1140501 1140513 1140520 1140534 1140538 1140543 1140545 1140547 1140549 1140552 1140554 1140664 1140665 1140666 1140667 1140668 1140669 1140673 1141171 1141688 1141689 1141897 1142649 1143794 1144348 1144352 1146111 1146115 1146123 1148517 1149145 1149742 1150137 1152082 1153163 1153164 1154091 1154402 1156669 1172377 CVE-2018-16548 CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 CVE-2019-10160 CVE-2019-12155 CVE-2019-12974 CVE-2019-12975 CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 CVE-2019-13133 CVE-2019-13134 CVE-2019-13135 CVE-2019-13136 CVE-2019-13137 CVE-2019-13164 CVE-2019-13295 CVE-2019-13296 CVE-2019-13297 CVE-2019-13298 CVE-2019-13299 CVE-2019-13300 CVE-2019-13301 CVE-2019-13302 CVE-2019-13303 CVE-2019-13304 CVE-2019-13305 CVE-2019-13306 CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13310 CVE-2019-13311 CVE-2019-13391 CVE-2019-13454 CVE-2019-14250 CVE-2019-14378 CVE-2019-14491 CVE-2019-14492 CVE-2019-14809 CVE-2019-15847 CVE-2019-15939 CVE-2019-16168 CVE-2019-16276 CVE-2019-17177 CVE-2019-17178 CVE-2019-17596 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2019-5736 CVE-2019-6486 CVE-2019-9512 CVE-2019-9514 CVE-2020-13401 SUSE-SU-2019:1234-2 SUSE-SU-2019:2064-1 SUSE-SU-2019:2106-1 SUSE-SU-2019:2213-1 SUSE-SU-2019:2246-1 SUSE-SU-2019:2533-1 SUSE-SU-2019:2702-1 SUSE-SU-2019:2750-1 SUSE-SU-2019:2940-1 SUSE-SU-2019:3078-1 SUSE-SU-2019:3192-1 SUSE-SU-2019:3306-1 SUSE-SU-2020:1657-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information ruby2.1-rubygem-chef-10.32.2-3 is installed OR rubygem-chef-10.32.2-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libpng15-1.5.22-9 is installed OR libpng15-15-1.5.22-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information jasper-1.900.14-181 is installed OR libjasper1-1.900.14-181 is installed OR libjasper1-32bit-1.900.14-181 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND libgme0-0.6.0-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND ctdb-4.4.2-29 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.6 is installed OR dlm-kmp-default-4.12.14-25.6 is installed OR gfs2-kmp-default-4.12.14-25.6 is installed OR kernel-default-4.12.14-25.6 is installed OR ocfs2-kmp-default-4.12.14-25.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information containerd-1.2.5-5.13 is installed OR docker-18.09.6_ce-6.17 is installed OR docker-bash-completion-18.09.6_ce-6.17 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed Definition Synopsis SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed AND Package Information libpmi0-18.08.8-3.4 is installed OR libslurm33-18.08.8-3.4 is installed OR perl-Switch-2.17-3.2 is installed OR perl-slurm-18.08.8-3.4 is installed OR slurm-18.08.8-3.4 is installed OR slurm-auth-none-18.08.8-3.4 is installed OR slurm-config-18.08.8-3.4 is installed OR slurm-config-man-18.08.8-3.4 is installed OR slurm-devel-18.08.8-3.4 is installed OR slurm-doc-18.08.8-3.4 is installed OR slurm-lua-18.08.8-3.4 is installed OR slurm-munge-18.08.8-3.4 is installed OR slurm-node-18.08.8-3.4 is installed OR slurm-pam_slurm-18.08.8-3.4 is installed OR slurm-plugins-18.08.8-3.4 is installed OR slurm-slurmdbd-18.08.8-3.4 is installed OR slurm-sql-18.08.8-3.4 is installed OR slurm-sview-18.08.8-3.4 is installed OR slurm-torque-18.08.8-3.4 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-3.10 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-3.10 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-3.10 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-3.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-3.20 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-3-2 is installed OR kernel-livepatch-SLE15_Update_1-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR kernel-default-livepatch-4.12.14-197.4 is installed OR kernel-default-livepatch-devel-4.12.14-197.4 is installed OR kernel-livepatch-4_12_14-197_4-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_1-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information python-2.7.14-7.14 is installed OR python-demo-2.7.14-7.14 is installed OR python-doc-2.7.14-7.14 is installed OR python-doc-pdf-2.7.14-7.14 is installed OR python-idle-2.7.14-7.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR bzip2-doc-1.0.6-5.3 is installed OR libbz2-devel-32bit-1.0.6-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information MozillaFirefox-68.6.0-3.75 is installed OR MozillaFirefox-branding-upstream-68.6.0-3.75 is installed OR MozillaFirefox-buildsymbols-68.6.0-3.75 is installed OR MozillaFirefox-devel-68.6.0-3.75 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-requests-2.3.0-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information subversion-1.10.0-3.3 is installed OR subversion-server-1.10.0-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND squid-4.8-5.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.6 is installed OR php7-7.2.5-4.6 is installed OR php7-bcmath-7.2.5-4.6 is installed OR php7-bz2-7.2.5-4.6 is installed OR php7-calendar-7.2.5-4.6 is installed OR php7-ctype-7.2.5-4.6 is installed OR php7-curl-7.2.5-4.6 is installed OR php7-dba-7.2.5-4.6 is installed OR php7-devel-7.2.5-4.6 is installed OR php7-dom-7.2.5-4.6 is installed OR php7-enchant-7.2.5-4.6 is installed OR php7-exif-7.2.5-4.6 is installed OR php7-fastcgi-7.2.5-4.6 is installed OR php7-fileinfo-7.2.5-4.6 is installed OR php7-fpm-7.2.5-4.6 is installed OR php7-ftp-7.2.5-4.6 is installed OR php7-gd-7.2.5-4.6 is installed OR php7-gettext-7.2.5-4.6 is installed OR php7-gmp-7.2.5-4.6 is installed OR php7-iconv-7.2.5-4.6 is installed OR php7-intl-7.2.5-4.6 is installed OR php7-json-7.2.5-4.6 is installed OR php7-ldap-7.2.5-4.6 is installed OR php7-mbstring-7.2.5-4.6 is installed OR php7-mysql-7.2.5-4.6 is installed OR php7-odbc-7.2.5-4.6 is installed OR php7-opcache-7.2.5-4.6 is installed OR php7-openssl-7.2.5-4.6 is installed OR php7-pcntl-7.2.5-4.6 is installed OR php7-pdo-7.2.5-4.6 is installed OR php7-pear-7.2.5-4.6 is installed OR php7-pear-Archive_Tar-7.2.5-4.6 is installed OR php7-pgsql-7.2.5-4.6 is installed OR php7-phar-7.2.5-4.6 is installed OR php7-posix-7.2.5-4.6 is installed OR php7-shmop-7.2.5-4.6 is installed OR php7-snmp-7.2.5-4.6 is installed OR php7-soap-7.2.5-4.6 is installed OR php7-sockets-7.2.5-4.6 is installed OR php7-sqlite-7.2.5-4.6 is installed OR php7-sysvmsg-7.2.5-4.6 is installed OR php7-sysvsem-7.2.5-4.6 is installed OR php7-sysvshm-7.2.5-4.6 is installed OR php7-tokenizer-7.2.5-4.6 is installed OR php7-wddx-7.2.5-4.6 is installed OR php7-xmlreader-7.2.5-4.6 is installed OR php7-xmlrpc-7.2.5-4.6 is installed OR php7-xmlwriter-7.2.5-4.6 is installed OR php7-xsl-7.2.5-4.6 is installed OR php7-zip-7.2.5-4.6 is installed OR php7-zlib-7.2.5-4.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.16.0-1.9 is installed OR nodejs10-devel-10.16.0-1.9 is installed OR nodejs10-docs-10.16.0-1.9 is installed OR npm10-10.16.0-1.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information accountsservice-0.6.35-1 is installed OR accountsservice-lang-0.6.35-1 is installed OR libaccountsservice0-0.6.35-1 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr3.0-10 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr3.0-10 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr3.0-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND rpcbind-0.2.3-21 is installed Definition Synopsis SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 is installed AND gd-2.1.0-20.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information MozillaFirefox-31.4.0esr-20.1 is installed OR MozillaFirefox-devel-31.4.0esr-20.1 is installed OR mozilla-nss-3.17.3-16.1 is installed OR mozilla-nss-devel-3.17.3-16.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND libxerces-c-devel-3.1.1-4.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libreoffice-5.0.2.2-13.14 is installed OR libreoffice-base-5.0.2.2-13.14 is installed OR libreoffice-base-drivers-mysql-5.0.2.2-13.14 is installed OR libreoffice-base-drivers-postgresql-5.0.2.2-13.14 is installed OR libreoffice-calc-5.0.2.2-13.14 is installed OR libreoffice-calc-extensions-5.0.2.2-13.14 is installed OR libreoffice-draw-5.0.2.2-13.14 is installed OR libreoffice-filters-optional-5.0.2.2-13.14 is installed OR libreoffice-gnome-5.0.2.2-13.14 is installed OR libreoffice-icon-theme-tango-5.0.2.2-13.14 is installed OR libreoffice-impress-5.0.2.2-13.14 is installed OR libreoffice-l10n-af-5.0.2.2-13.14 is installed OR libreoffice-l10n-ar-5.0.2.2-13.14 is installed OR libreoffice-l10n-ca-5.0.2.2-13.14 is installed OR libreoffice-l10n-cs-5.0.2.2-13.14 is installed OR libreoffice-l10n-da-5.0.2.2-13.14 is installed OR libreoffice-l10n-de-5.0.2.2-13.14 is installed OR libreoffice-l10n-en-5.0.2.2-13.14 is installed OR libreoffice-l10n-es-5.0.2.2-13.14 is installed OR libreoffice-l10n-fi-5.0.2.2-13.14 is installed OR libreoffice-l10n-fr-5.0.2.2-13.14 is installed OR libreoffice-l10n-gu-5.0.2.2-13.14 is installed OR libreoffice-l10n-hi-5.0.2.2-13.14 is installed OR libreoffice-l10n-hu-5.0.2.2-13.14 is installed OR libreoffice-l10n-it-5.0.2.2-13.14 is installed OR libreoffice-l10n-ja-5.0.2.2-13.14 is installed OR libreoffice-l10n-ko-5.0.2.2-13.14 is installed OR libreoffice-l10n-nb-5.0.2.2-13.14 is installed OR libreoffice-l10n-nl-5.0.2.2-13.14 is installed OR libreoffice-l10n-nn-5.0.2.2-13.14 is installed OR libreoffice-l10n-pl-5.0.2.2-13.14 is installed OR libreoffice-l10n-pt-BR-5.0.2.2-13.14 is installed OR libreoffice-l10n-pt-PT-5.0.2.2-13.14 is installed OR libreoffice-l10n-ru-5.0.2.2-13.14 is installed OR libreoffice-l10n-sk-5.0.2.2-13.14 is installed OR libreoffice-l10n-sv-5.0.2.2-13.14 is installed OR libreoffice-l10n-xh-5.0.2.2-13.14 is installed OR libreoffice-l10n-zh-Hans-5.0.2.2-13.14 is installed OR libreoffice-l10n-zh-Hant-5.0.2.2-13.14 is installed OR libreoffice-l10n-zu-5.0.2.2-13.14 is installed OR libreoffice-mailmerge-5.0.2.2-13.14 is installed OR libreoffice-math-5.0.2.2-13.14 is installed OR libreoffice-officebean-5.0.2.2-13.14 is installed OR libreoffice-pyuno-5.0.2.2-13.14 is installed OR libreoffice-writer-5.0.2.2-13.14 is installed OR libreoffice-writer-extensions-5.0.2.2-13.14 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-150.17 is installed OR kernel-default-extra-4.12.14-150.17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-4.19 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-4.19 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information irssi-0.8.20-9 is installed OR irssi-devel-0.8.20-9 is installed
BACK