OVAL Reference oval:org.opensuse.security:def:2792

Oval Definition:

oval:org.opensuse.security:def:2792

Revision Date:	2020-12-02	Version:	1
Title:	Security update for gvfs (Important)
Description:	This update for gvfs fixes the following issues: Security issues fixed: - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). - CVE-2019-12449: Fixed an improper handling of file's user and group ownership in daemon/gvfsbackendadmin.c (bsc#1136992). - CVE-2019-12448: Fixed race conditions in daemon/gvfsbackendadmin.c due to implementation of query_info_on_read/write at admin backend (bsc#1136981). Other issue addressed: - Drop polkit rules files that are only relevant for wheel group (bsc#1125433).
Family:	unix	Class:	patch
Status:		Reference(s):	1105435 1122794 1125433 1126088 1132666 1132728 1132729 1132732 1132734 1133037 1133135 1134718 1136035 1136981 1136986 1136992 1137835 1137930 1139937 1141688 1141853 1146111 1146115 1146123 1146657 985657 CVE-2016-3189 CVE-2018-1000654 CVE-2018-20843 CVE-2018-20852 CVE-2018-20852 CVE-2018-3639 CVE-2019-10086 CVE-2019-10245 CVE-2019-11459 CVE-2019-12447 CVE-2019-12448 CVE-2019-12449 CVE-2019-12779 CVE-2019-12795 CVE-2019-14809 CVE-2019-2602 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-9512 CVE-2019-9514 SUSE-SU-2019:1206-2 SUSE-SU-2019:1211-2 SUSE-SU-2019:1308-2 SUSE-SU-2019:1372-2 SUSE-SU-2019:1648-1 SUSE-SU-2019:1717-1 SUSE-SU-2019:1791-1 SUSE-SU-2019:1835-1 SUSE-SU-2019:2020-1 SUSE-SU-2019:2114-1 SUSE-SU-2019:2213-1 SUSE-SU-2019:2245-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-pycrypto-2.6.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information bind-libs-9.9.5P1-1 is installed OR bind-libs-32bit-9.9.5P1-1 is installed OR bind-utils-9.9.5P1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR bash-lang-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND SuSEfirewall2-3.6.312-2.13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND telepathy-idle-0.2.0-1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information avahi-0.6.32-5.5 is installed OR python-avahi-0.6.32-5.5 is installed OR samba-4.7.11+git.153.b36ceaf2235-4.27 is installed OR samba-python-4.7.11+git.153.b36ceaf2235-4.27 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information gvfs-1.34.2.1-4.13 is installed OR gvfs-backend-afc-1.34.2.1-4.13 is installed OR gvfs-backend-samba-1.34.2.1-4.13 is installed OR gvfs-backends-1.34.2.1-4.13 is installed OR gvfs-devel-1.34.2.1-4.13 is installed OR gvfs-fuse-1.34.2.1-4.13 is installed OR gvfs-lang-1.34.2.1-4.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed AND Package Information libslurm32-17.11.13-6.18 is installed OR slurm-17.11.13-6.18 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-25.3 is installed OR reiserfs-kmp-default-4.12.14-25.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-3.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.16 is installed OR kernel-default-livepatch-4.12.14-25.16 is installed OR kernel-livepatch-4_12_14-25_16-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_4-1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR kernel-default-livepatch-4.12.14-197.4 is installed OR kernel-default-livepatch-devel-4.12.14-197.4 is installed OR kernel-livepatch-4_12_14-197_4-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_1-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR bzip2-doc-1.0.6-5.3 is installed OR libbz2-devel-32bit-1.0.6-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information perl-5.26.1-7.12 is installed OR perl-32bit-5.26.1-7.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-requests-2.3.0-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information cloud-init-19.2-5.18 is installed OR cloud-init-config-suse-19.2-5.18 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-2.7.14-7.24 is installed OR python-base-2.7.14-7.24 is installed OR python-curses-2.7.14-7.24 is installed OR python-devel-2.7.14-7.24 is installed OR python-gdbm-2.7.14-7.24 is installed OR python-xml-2.7.14-7.24 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.11 is installed OR dlm-kmp-rt-4.12.14-14.11 is installed OR gfs2-kmp-rt-4.12.14-14.11 is installed OR kernel-devel-rt-4.12.14-14.11 is installed OR kernel-rt-4.12.14-14.11 is installed OR kernel-rt-base-4.12.14-14.11 is installed OR kernel-rt-devel-4.12.14-14.11 is installed OR kernel-rt_debug-4.12.14-14.11 is installed OR kernel-rt_debug-devel-4.12.14-14.11 is installed OR kernel-source-rt-4.12.14-14.11 is installed OR kernel-syms-rt-4.12.14-14.11 is installed OR ocfs2-kmp-rt-4.12.14-14.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.11 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.11 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.11 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information rmt-server-2.3.1-3.3 is installed OR rmt-server-config-2.3.1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information nodejs6-6.9.5-7 is installed OR nodejs6-devel-6.9.5-7 is installed OR nodejs6-docs-6.9.5-7 is installed OR npm6-6.9.5-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information sysconfig-0.84.0-13 is installed OR sysconfig-netconfig-0.84.0-13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND openexr-devel-2.1.0-4 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information libksba-1.3.0-18.1 is installed OR libksba-devel-1.3.0-18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information libqt4-devel-4.8.6-7.1 is installed OR libqt4-devel-doc-4.8.6-7.3 is installed OR libqt4-devel-doc-data-4.8.6-7.3 is installed OR libqt4-linguist-4.8.6-7.1 is installed OR libqt4-private-headers-devel-4.8.6-7.1 is installed OR libqt4-sql-postgresql-4.8.6-7.1 is installed OR libqt4-sql-postgresql-32bit-4.8.6-7.1 is installed OR libqt4-sql-unixODBC-4.8.6-7.1 is installed OR libqt4-sql-unixODBC-32bit-4.8.6-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND icedtea-web-1.7.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.7.2-3.43 is installed OR MozillaThunderbird-translations-common-60.7.2-3.43 is installed OR MozillaThunderbird-translations-other-60.7.2-3.43 is installed

BACK