Oval Definition:oval:org.opensuse.security:def:2717
Revision Date:2020-12-02Version:1
Title:Security update for flatpak (Moderate)
Description:

This update for flatpak fixes the following issues:

Security issues fixed:

- CVE-2019-8308: Fixed a potential sandbox escape via /proc (bsc#1125431). - CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl (bsc#1133043). - CVE-2019-11461: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl (bsc#1133041).
Family:unixClass:patch
Status:Reference(s):1013882
1027282
1041090
1042670
1061210
1068664
1073269
1073748
1078326
1078485
1079300
1081750
1083507
1084650
1086001
1088004
1088009
1101676
1101677
1101678
1103342
1105173
1105435
1106415
1106996
1109847
1111793
1111858
1111859
1112142
1112143
1112144
1112146
1112147
1112148
1112152
1112153
1112368
1112377
1112384
1112386
1112391
1112397
1112404
1112415
1112417
1112421
1112432
1112767
1113064
1113755
1116686
1116833
1118754
1120041
1120381
1122191
1122198
1122475
1124365
1124366
1124367
1124368
1125230
1125431
1125494
1127027
1128189
1128649
1129346
1130840
1130847
1133041
1133043
1133452
1138459
1141853
1144522
1149792
1149955
1152684
1153238
1153830
1155346
1157775
1158101
1158809
1159035
214983
298378
346490
367853
379534
380942
399190
406051
425138
426563
430761
432677
436966
437293
441088
462375
525295
534721
551715
572673
577032
581765
603255
617751
637176
638233
658604
673071
682554
697251
707667
718009
747125
747794
751718
754447
766778
794139
804978
827982
831442
834601
836739
856835
856836
857470
863741
885882
898572
901715
935856
945401
964182
984751
985177
985348
989523
997436
CVE-2007-2052
CVE-2008-1721
CVE-2008-2315
CVE-2008-2316
CVE-2008-3142
CVE-2008-3143
CVE-2008-3144
CVE-2011-1521
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2013-1752
CVE-2013-1753
CVE-2013-4238
CVE-2014-1912
CVE-2014-4650
CVE-2014-7185
CVE-2016-0772
CVE-2016-1000110
CVE-2016-5636
CVE-2016-5699
CVE-2016-9843
CVE-2017-1000158
CVE-2017-18207
CVE-2018-1000030
CVE-2018-1000654
CVE-2018-1000802
CVE-2018-1060
CVE-2018-1061
CVE-2018-13785
CVE-2018-14647
CVE-2018-15587
CVE-2018-16412
CVE-2018-16435
CVE-2018-18544
CVE-2018-20467
CVE-2018-20852
CVE-2018-3058
CVE-2018-3060
CVE-2018-3063
CVE-2018-3064
CVE-2018-3066
CVE-2018-3136
CVE-2018-3139
CVE-2018-3143
CVE-2018-3149
CVE-2018-3156
CVE-2018-3162
CVE-2018-3169
CVE-2018-3173
CVE-2018-3174
CVE-2018-3180
CVE-2018-3183
CVE-2018-3185
CVE-2018-3200
CVE-2018-3214
CVE-2018-3251
CVE-2018-3277
CVE-2018-3282
CVE-2018-3284
CVE-2019-10160
CVE-2019-11460
CVE-2019-11461
CVE-2019-1543
CVE-2019-1551
CVE-2019-16056
CVE-2019-16935
CVE-2019-2510
CVE-2019-2537
CVE-2019-5010
CVE-2019-5010
CVE-2019-7175
CVE-2019-7395
CVE-2019-7396
CVE-2019-7397
CVE-2019-7398
CVE-2019-8308
CVE-2019-9636
CVE-2019-9636
CVE-2019-9853
CVE-2019-9947
CVE-2019-9948
CVE-2019-9948
SUSE-SU-2019:0058-1
SUSE-SU-2019:0271-1
SUSE-SU-2019:0555-1
SUSE-SU-2019:0678-1
SUSE-SU-2019:0739-1
SUSE-SU-2019:0972-1
SUSE-SU-2019:1266-2
SUSE-SU-2019:1352-2
SUSE-SU-2019:1372-2
SUSE-SU-2019:2185-1
SUSE-SU-2020:0002-1
SUSE-SU-2020:0234-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND Package Information
  • python-keystoneclient-1.0.0-14 is installed
  • OR python-keystoneclient-doc-1.0.0-14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND Package Information
  • go-1.5.4-20.3 is installed
  • OR go-doc-1.5.4-20.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-5 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-5 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-5 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND binutils-2.25.0-13 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libncurses5-5.9-44 is installed
  • OR libncurses5-32bit-5.9-44 is installed
  • OR libncurses6-5.9-44 is installed
  • OR libncurses6-32bit-5.9-44 is installed
  • OR ncurses-5.9-44 is installed
  • OR ncurses-devel-5.9-44 is installed
  • OR ncurses-utils-5.9-44 is installed
  • OR tack-5.9-44 is installed
  • OR terminfo-5.9-44 is installed
  • OR terminfo-base-5.9-44 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND libzypp-16.19.0-2.36 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.4.21-69 is installed
  • OR cluster-network-kmp-default-4.4.21-69 is installed
  • OR dlm-kmp-default-4.4.21-69 is installed
  • OR gfs2-kmp-default-4.4.21-69 is installed
  • OR ocfs2-kmp-default-4.4.21-69 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND lighttpd-1.4.35-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND haproxy-1.6.11-10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-25.25 is installed
  • OR dlm-kmp-default-4.12.14-25.25 is installed
  • OR gfs2-kmp-default-4.12.14-25.25 is installed
  • OR kernel-default-4.12.14-25.25 is installed
  • OR ocfs2-kmp-default-4.12.14-25.25 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-197.10 is installed
  • OR dlm-kmp-default-4.12.14-197.10 is installed
  • OR gfs2-kmp-default-4.12.14-197.10 is installed
  • OR kernel-default-4.12.14-197.10 is installed
  • OR ocfs2-kmp-default-4.12.14-197.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • samba-4.7.11+git.140.6bd0e5b30d8-4.21 is installed
  • OR samba-python-4.7.11+git.140.6bd0e5b30d8-4.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • python-Werkzeug-0.14.1-6.3 is installed
  • OR python2-Werkzeug-0.14.1-6.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • flatpak-0.10.4-4.10 is installed
  • OR flatpak-devel-0.10.4-4.10 is installed
  • OR libflatpak0-0.10.4-4.10 is installed
  • OR typelib-1_0-Flatpak-1_0-0.10.4-4.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • java-1_6_0-ibm-1.6.0_sr16.1-5 is installed
  • OR java-1_6_0-ibm-fonts-1.6.0_sr16.1-5 is installed
  • OR java-1_6_0-ibm-jdbc-1.6.0_sr16.1-5 is installed
  • OR java-1_6_0-ibm-plugin-1.6.0_sr16.1-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-3.3 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.212-3.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.212-3.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.6 is installed
  • OR kernel-default-livepatch-4.12.14-25.6 is installed
  • OR kernel-livepatch-4_12_14-25_6-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_2-1-1.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-195-default-3-7 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_0-3-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • mariadb-10.2.22-3.14 is installed
  • OR mariadb-bench-10.2.22-3.14 is installed
  • OR mariadb-galera-10.2.22-3.14 is installed
  • OR mariadb-test-10.2.22-3.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • evolution-3.26.6-4.3 is installed
  • OR glade-catalog-evolution-3.26.6-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • MozillaFirefox-68.6.1-3.81 is installed
  • OR MozillaFirefox-branding-upstream-68.6.1-3.81 is installed
  • OR MozillaFirefox-buildsymbols-68.6.1-3.81 is installed
  • OR MozillaFirefox-devel-68.6.1-3.81 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND python-pycrypto-2.6.1-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND python-azure-agent-2.2.36-7.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-urllib3-1.24-9.4 is installed
  • OR python2-urllib3-1.24-9.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND squid-4.4-5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • alsa-1.0.27.2-11 is installed
  • OR alsa-docs-1.0.27.2-11 is installed
  • OR libasound2-1.0.27.2-11 is installed
  • OR libasound2-32bit-1.0.27.2-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libthai-data-0.1.25-4 is installed
  • OR libthai0-0.1.25-4 is installed
  • OR libthai0-32bit-0.1.25-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND apache2-mod_nss-1.0.14-10.14.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND libXxf86dga-devel-1.1.4-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • lhasa-devel-0.2.0-5.1 is installed
  • OR liblhasa0-0.2.0-5.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND enigmail-2.0.7-3.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed
  • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • irssi-0.8.20-9 is installed
  • OR irssi-devel-0.8.20-9 is installed
  • BACK