Oval Definition:oval:org.opensuse.security:def:2667
Revision Date:2020-12-02Version:1
Title:Security update for openssh (Moderate)
Description:

This update for openssh fixes the following issues:

- CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or 'oracle') as a vulnerability. (bsc#1106163) - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010)

The following non-security issues were fixed:

- Stop leaking File descriptors (bsc#964336) - sftp-client.c returns wrong error code upon failure (bsc#1091396) - added pam_keyinit to pam configuration file (bsc#1081947)

Family:unixClass:patch
Status:Reference(s):1004220
1010783
1081947
1083630
1087320
1091045
1091396
1096328
1099874
1105010
1106163
1108889
1113455
1117505
1117511
1118595
1118596
1119991
1120281
1120639
1120852
1121759
1125277
1125601
1127153
1127838
1128525
1130245
1134452
1144902
1146873
1152506
1154289
1154598
1155321
1155812
1156318
964336
CVE-2016-9396
CVE-2017-12627
CVE-2017-6888
CVE-2018-1000845
CVE-2018-12207
CVE-2018-15473
CVE-2018-15518
CVE-2018-15919
CVE-2018-18444
CVE-2018-19539
CVE-2018-19542
CVE-2018-19873
CVE-2018-20126
CVE-2019-0804
CVE-2019-10218
CVE-2019-11135
CVE-2019-12068
CVE-2019-14833
CVE-2019-14847
CVE-2019-3811
CVE-2019-8551
CVE-2019-8558
CVE-2019-8559
CVE-2019-8563
CVE-2019-8625
CVE-2019-8674
CVE-2019-8681
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2019-8707
CVE-2019-8710
CVE-2019-8719
CVE-2019-8720
CVE-2019-8726
CVE-2019-8733
CVE-2019-8735
CVE-2019-8743
CVE-2019-8763
CVE-2019-8764
CVE-2019-8765
CVE-2019-8766
CVE-2019-8768
CVE-2019-8769
CVE-2019-8771
CVE-2019-8782
CVE-2019-8783
CVE-2019-8808
CVE-2019-8811
CVE-2019-8812
CVE-2019-8813
CVE-2019-8814
CVE-2019-8815
CVE-2019-8816
CVE-2019-8819
CVE-2019-8820
CVE-2019-8821
CVE-2019-8822
CVE-2019-8823
CVE-2019-8936
SUSE-SU-2018:3686-1
SUSE-SU-2019:0285-1
SUSE-SU-2019:0447-1
SUSE-SU-2019:0542-1
SUSE-SU-2019:0603-1
SUSE-SU-2019:0777-1
SUSE-SU-2019:0920-1
SUSE-SU-2019:0954-1
SUSE-SU-2019:0977-1
SUSE-SU-2019:1018-1
SUSE-SU-2019:2868-1
SUSE-SU-2019:2954-1
SUSE-SU-2019:3044-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE Linux Enterprise Workstation Extension 15
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND Package Information
  • openstack-neutron-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-dhcp-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-ha-tool-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-l3-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-lbaas-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-linuxbridge-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-metadata-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-metering-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-openvswitch-agent-2014.2.2.dev26-3 is installed
  • OR openstack-neutron-vpn-agent-2014.2.2.dev26-3 is installed
  • OR python-neutron-2014.2.2.dev26-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • MozillaFirefox-31.1.0esr-1 is installed
  • OR MozillaFirefox-translations-31.1.0esr-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • alsa-1.0.27.2-11 is installed
  • OR libasound2-1.0.27.2-11 is installed
  • OR libasound2-32bit-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.5.0esr-88 is installed
  • OR MozillaFirefox-translations-45.5.0esr-88 is installed
  • OR libfreebl3-3.21.3-50 is installed
  • OR libfreebl3-32bit-3.21.3-50 is installed
  • OR libsoftokn3-3.21.3-50 is installed
  • OR libsoftokn3-32bit-3.21.3-50 is installed
  • OR mozilla-nss-3.21.3-50 is installed
  • OR mozilla-nss-32bit-3.21.3-50 is installed
  • OR mozilla-nss-certs-3.21.3-50 is installed
  • OR mozilla-nss-certs-32bit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.3-50 is installed
  • OR mozilla-nss-tools-3.21.3-50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.11 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.11 is installed
  • OR python-base-2.7.13-28.11 is installed
  • OR python-devel-2.7.13-28.11 is installed
  • OR python-xml-2.7.13-28.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-97.1 is installed
  • OR libopenssl0_9_8-0.9.8j-97.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND Package Information
  • libpacemaker3-1.1.15-19 is installed
  • OR pacemaker-1.1.15-19 is installed
  • OR pacemaker-cli-1.1.15-19 is installed
  • OR pacemaker-cts-1.1.15-19 is installed
  • OR pacemaker-remote-1.1.15-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND python-requests-2.8.1-6.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-94.41 is installed
  • OR dlm-kmp-default-4.12.14-94.41 is installed
  • OR gfs2-kmp-default-4.12.14-94.41 is installed
  • OR ocfs2-kmp-default-4.12.14-94.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • drbd-9.0.13+git.b83ade31-3.2 is installed
  • OR drbd-kmp-default-9.0.13+git.b83ade31_k4.12.14_23-3.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • glib2-2.54.3-4.15 is installed
  • OR glib2-devel-32bit-2.54.3-4.15 is installed
  • OR glib2-tools-32bit-2.54.3-4.15 is installed
  • OR libgthread-2_0-0-32bit-2.54.3-4.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
  • AND Package Information
  • puppet-3.6.2-3 is installed
  • OR puppet-server-3.6.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND docker-1.6.2-31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND openssh-askpass-gnome-7.6p1-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 is installed
  • AND Package Information
  • libpmi0-17.11.7-6.3 is installed
  • OR libslurm32-17.11.7-6.3 is installed
  • OR perl-slurm-17.11.7-6.3 is installed
  • OR slurm-17.11.7-6.3 is installed
  • OR slurm-auth-none-17.11.7-6.3 is installed
  • OR slurm-config-17.11.7-6.3 is installed
  • OR slurm-devel-17.11.7-6.3 is installed
  • OR slurm-doc-17.11.7-6.3 is installed
  • OR slurm-lua-17.11.7-6.3 is installed
  • OR slurm-munge-17.11.7-6.3 is installed
  • OR slurm-node-17.11.7-6.3 is installed
  • OR slurm-pam_slurm-17.11.7-6.3 is installed
  • OR slurm-plugins-17.11.7-6.3 is installed
  • OR slurm-slurmdbd-17.11.7-6.3 is installed
  • OR slurm-sql-17.11.7-6.3 is installed
  • OR slurm-torque-17.11.7-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed
  • AND Package Information
  • python-numpy_1_16_1-gnu-hpc-1.16.1-4.8 is installed
  • OR python2-numpy-gnu-hpc-1.16.1-4.8 is installed
  • OR python2-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
  • OR python3-numpy-gnu-hpc-1.16.1-4.8 is installed
  • OR python3-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • cups154-1.5.4-2 is installed
  • OR cups154-client-1.5.4-2 is installed
  • OR cups154-filters-1.5.4-2 is installed
  • OR cups154-libs-1.5.4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-3.3 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-3.3 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-3.3 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.35-3.20 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-3.20 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.35-3.20 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-3.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_6-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_2-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-195-default-2-4 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_0-2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • avahi-0.6.32-5.3 is installed
  • OR avahi-glib2-0.6.32-5.3 is installed
  • OR python-avahi-0.6.32-5.3 is installed
  • OR python-avahi-gtk-0.6.32-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • 389-ds-1.4.0.3-4.7 is installed
  • OR 389-ds-snmp-1.4.0.3-4.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND python-requests-2.3.0-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.16 is installed
  • OR kernel-azure-base-4.12.14-5.16 is installed
  • OR kernel-azure-devel-4.12.14-5.16 is installed
  • OR kernel-devel-azure-4.12.14-5.16 is installed
  • OR kernel-source-azure-4.12.14-5.16 is installed
  • OR kernel-syms-azure-4.12.14-5.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • libecpg6-10.10-8.6 is installed
  • OR postgresql10-10.10-8.6 is installed
  • OR postgresql10-contrib-10.10-8.6 is installed
  • OR postgresql10-devel-10.10-8.6 is installed
  • OR postgresql10-docs-10.10-8.6 is installed
  • OR postgresql10-plperl-10.10-8.6 is installed
  • OR postgresql10-plpython-10.10-8.6 is installed
  • OR postgresql10-pltcl-10.10-8.6 is installed
  • OR postgresql10-server-10.10-8.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php5-5.5.14-4 is installed
  • OR php5-5.5.14-4 is installed
  • OR php5-bcmath-5.5.14-4 is installed
  • OR php5-bz2-5.5.14-4 is installed
  • OR php5-calendar-5.5.14-4 is installed
  • OR php5-ctype-5.5.14-4 is installed
  • OR php5-curl-5.5.14-4 is installed
  • OR php5-dba-5.5.14-4 is installed
  • OR php5-dom-5.5.14-4 is installed
  • OR php5-enchant-5.5.14-4 is installed
  • OR php5-exif-5.5.14-4 is installed
  • OR php5-fastcgi-5.5.14-4 is installed
  • OR php5-fileinfo-5.5.14-4 is installed
  • OR php5-fpm-5.5.14-4 is installed
  • OR php5-ftp-5.5.14-4 is installed
  • OR php5-gd-5.5.14-4 is installed
  • OR php5-gettext-5.5.14-4 is installed
  • OR php5-gmp-5.5.14-4 is installed
  • OR php5-iconv-5.5.14-4 is installed
  • OR php5-intl-5.5.14-4 is installed
  • OR php5-json-5.5.14-4 is installed
  • OR php5-ldap-5.5.14-4 is installed
  • OR php5-mbstring-5.5.14-4 is installed
  • OR php5-mcrypt-5.5.14-4 is installed
  • OR php5-mysql-5.5.14-4 is installed
  • OR php5-odbc-5.5.14-4 is installed
  • OR php5-openssl-5.5.14-4 is installed
  • OR php5-pcntl-5.5.14-4 is installed
  • OR php5-pdo-5.5.14-4 is installed
  • OR php5-pear-5.5.14-4 is installed
  • OR php5-pgsql-5.5.14-4 is installed
  • OR php5-pspell-5.5.14-4 is installed
  • OR php5-shmop-5.5.14-4 is installed
  • OR php5-snmp-5.5.14-4 is installed
  • OR php5-soap-5.5.14-4 is installed
  • OR php5-sockets-5.5.14-4 is installed
  • OR php5-sqlite-5.5.14-4 is installed
  • OR php5-suhosin-5.5.14-4 is installed
  • OR php5-sysvmsg-5.5.14-4 is installed
  • OR php5-sysvsem-5.5.14-4 is installed
  • OR php5-sysvshm-5.5.14-4 is installed
  • OR php5-tokenizer-5.5.14-4 is installed
  • OR php5-wddx-5.5.14-4 is installed
  • OR php5-xmlreader-5.5.14-4 is installed
  • OR php5-xmlrpc-5.5.14-4 is installed
  • OR php5-xmlwriter-5.5.14-4 is installed
  • OR php5-xsl-5.5.14-4 is installed
  • OR php5-zip-5.5.14-4 is installed
  • OR php5-zlib-5.5.14-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • nodejs8-8.15.1-3.14 is installed
  • OR nodejs8-devel-8.15.1-3.14 is installed
  • OR nodejs8-docs-8.15.1-3.14 is installed
  • OR npm8-8.15.1-3.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • automake-1.13.4-4 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.12.5-1 is installed
  • OR libwebkit2gtk-4_0-37-2.12.5-1 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.12.5-1 is installed
  • OR typelib-1_0-WebKit2-4_0-2.12.5-1 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.12.5-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bash-4.3-82 is installed
  • OR bash-doc-4.3-82 is installed
  • OR libreadline6-6.3-82 is installed
  • OR libreadline6-32bit-6.3-82 is installed
  • OR readline-doc-6.3-82 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND coolkey-devel-1.1.0-147 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • binutils-devel-2.26.1-9.12.1 is installed
  • OR binutils-gold-2.26.1-9.12.1 is installed
  • OR cross-ppc-binutils-2.26.1-9.12.1 is installed
  • OR cross-spu-binutils-2.26.1-9.12.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
  • AND libuuid-devel-2.28-40.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.25 is installed
  • OR kernel-default-extra-4.12.14-25.25 is installed
    • BACK