OVAL Reference oval:org.opensuse.security:def:45558

Oval Definition:

oval:org.opensuse.security:def:45558

Revision Date:	2020-12-01	Version:	1
Title:	Security update for openssh (Important)
Description:	This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions (bsc#1121571) - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate terminal output via the object name, e.g. by inserting ANSI escape sequences (bsc#1121816) - CVE-2019-6110: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate stderr output, e.g. by inserting ANSI escape sequences (bsc#1121818) - CVE-2019-6111: Fixed an issue where the scp client would allow malicious remote SSH servers to execute directory traversal attacks and overwrite files (bsc#1121821)
Family:	unix	Class:	patch
Status:		Reference(s):	1021364 1026649 1026650 1091041 1101689 1108606 1108813 1111331 1119461 1119465 1121086 1121571 1121626 1121816 1121818 1121821 1122838 1122839 1125113 1131107 1136446 1137597 1137832 1138190 1140747 1146544 1146608 1146612 1150466 1150483 1152631 1153811 1154905 1155689 1155897 1155898 1156187 1157038 1157042 1157070 1157143 1157158 1157191 1157324 1157333 1157464 1158132 1158394 1158398 1158410 1158413 1158417 1158445 1158823 1158824 1158827 1158834 1158900 1158903 1158904 1158954 1161799 1170715 1172698 1172704 1173455 1174633 1174635 1174638 1177211 1178671 983268 CVE-2016-10165 CVE-2016-5102 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-1333 CVE-2018-16435 CVE-2018-17000 CVE-2018-17189 CVE-2018-17199 CVE-2018-20685 CVE-2019-11091 CVE-2019-11477 CVE-2019-11478 CVE-2019-12749 CVE-2019-14895 CVE-2019-14973 CVE-2019-15213 CVE-2019-16231 CVE-2019-18660 CVE-2019-18680 CVE-2019-18683 CVE-2019-18805 CVE-2019-19052 CVE-2019-19062 CVE-2019-19065 CVE-2019-19073 CVE-2019-19074 CVE-2019-19332 CVE-2019-19338 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-3846 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-6128 CVE-2019-7663 CVE-2020-12321 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-15049 CVE-2020-26116 CVE-2020-6796 CVE-2020-6797 CVE-2020-6798 CVE-2020-6799 CVE-2020-6800 CVE-2020-8023 CVE-2020-8023 SUSE-SU-2019:0132-1 SUSE-SU-2019:0498-1 SUSE-SU-2019:1235-1 SUSE-SU-2020:0384-1 SUSE-SU-2020:1859-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for SAP Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information kscreenlocker-5.12.5-lp150.1 is installed OR kscreenlocker-lang-5.12.5-lp150.1 is installed OR libKScreenLocker5-5.12.5-lp150.1 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information libXt-devel-1.1.5-4 is installed OR libXt6-1.1.5-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libfreebl3-3.15.3-0.8 is installed OR libfreebl3-32bit-3.15.3-0.8 is installed OR libsoftokn3-3.15.3-0.8 is installed OR libsoftokn3-32bit-3.15.3-0.8 is installed OR mozilla-nspr-4.10.2-0.3 is installed OR mozilla-nspr-32bit-4.10.2-0.3 is installed OR mozilla-nss-3.15.3-0.8 is installed OR mozilla-nss-32bit-3.15.3-0.8 is installed OR mozilla-nss-tools-3.15.3-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND dracut-037-34 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND iputils-s20121221-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR libnm-glib-vpn1-1.0.12-8 is installed OR libnm-glib4-1.0.12-8 is installed OR libnm-util2-1.0.12-8 is installed OR libnm0-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed OR typelib-1_0-NMClient-1_0-1.0.12-8 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information freerdp-2.0.0~git.1463131968.4e66df7-12.3 is installed OR libfreerdp2-2.0.0~git.1463131968.4e66df7-12.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND libjpeg-turbo-1.5.3-5.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information apparmor-abstractions-2.12-5 is installed OR apparmor-docs-2.12-5 is installed OR apparmor-parser-2.12-5 is installed OR apparmor-parser-lang-2.12-5 is installed OR apparmor-profiles-2.12-5 is installed OR apparmor-utils-2.12-5 is installed OR apparmor-utils-lang-2.12-5 is installed OR pam_apparmor-2.12-5 is installed OR pam_apparmor-32bit-2.12-5 is installed OR perl-apparmor-2.12-5 is installed OR python3-apparmor-2.12-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND btrfsmaintenance-0.4.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND libXvnc-devel-1.8.0-11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information gdk-pixbuf-query-loaders-32bit-2.36.11-3 is installed OR libgdk_pixbuf-2_0-0-32bit-2.36.11-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libncurses5-6.1-5.6 is installed OR libncurses5-32bit-6.1-5.6 is installed OR ncurses-6.1-5.6 is installed OR ncurses5-devel-6.1-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-150.35 is installed OR kernel-default-livepatch-4.12.14-150.35 is installed OR kernel-livepatch-4_12_14-150_35-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_14-1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_21-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_6-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND libxslt-python-1.1.32-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libjavascriptcoregtk-4_0-18-32bit-2.28.2-3.54 is installed OR libwebkit2gtk-4_0-37-32bit-2.28.2-3.54 is installed OR webkit-jsc-4-2.28.2-3.54 is installed OR webkit2gtk3-2.28.2-3.54 is installed OR webkit2gtk3-minibrowser-2.28.2-3.54 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-numpy-1.16.1-4.8 is installed OR python2-numpy-1.16.1-4.8 is installed OR python2-numpy-devel-1.16.1-4.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for SAP Applications 15 SP1 is installed AND clamsap-0.99.25-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND apache2-mod_security2-2.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libsndfile-1.0.25-35 is installed OR libsndfile1-1.0.25-35 is installed OR libsndfile1-32bit-1.0.25-35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information icu-52.1-8.7 is installed OR libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND libusbmuxd4-1.0.10-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-default-kgraft-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS is installed AND kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-default-kgraft-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND kgraft-patch-4_4_156-94_57-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS is installed AND kgraft-patch-4_4_156-94_57-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND squid-3.5.21-26.17 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libXcursor-1.1.14-4.6 is installed OR libXcursor1-1.1.14-4.6 is installed OR libXcursor1-32bit-1.1.14-4.6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND ucode-intel-20190507-13.41 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND ucode-intel-20190507-13.41 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS is installed AND java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND python-xdg-0.25-9.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-xdg-0.25-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libmaxminddb-1.4.2-1.3 is installed OR libmaxminddb-devel-1.4.2-1.3 is installed OR libmaxminddb0-1.4.2-1.3 is installed OR libmaxminddb0-32bit-1.4.2-1.3 is installed OR libspandsp2-0.0.6-3.2 is installed OR libwireshark13-3.2.2-3.35 is installed OR libwiretap10-3.2.2-3.35 is installed OR libwsutil11-3.2.2-3.35 is installed OR mmdblookup-1.4.2-1.3 is installed OR spandsp-0.0.6-3.2 is installed OR wireshark-3.2.2-3.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information cups-2.2.7-3.17 is installed OR cups-client-2.2.7-3.17 is installed OR cups-config-2.2.7-3.17 is installed OR cups-ddk-2.2.7-3.17 is installed OR cups-devel-2.2.7-3.17 is installed OR libcups2-2.2.7-3.17 is installed OR libcups2-32bit-2.2.7-3.17 is installed OR libcupscgi1-2.2.7-3.17 is installed OR libcupsimage2-2.2.7-3.17 is installed OR libcupsmime1-2.2.7-3.17 is installed OR libcupsppdc1-2.2.7-3.17 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.632-137 is installed OR flash-player-gnome-11.2.202.632-137 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information gcc48-gij-4.8.5-31.3 is installed OR gcc48-gij-32bit-4.8.5-31.3 is installed OR libgcj48-4.8.5-31.3 is installed OR libgcj48-32bit-4.8.5-31.3 is installed OR libgcj48-jar-4.8.5-31.3 is installed OR libgcj_bc1-4.8.5-31.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information gnome-shell-3.20.4-77.7 is installed OR gnome-shell-calendar-3.20.4-77.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information openconnect-7.08-3.12 is installed OR openconnect-lang-7.08-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND Package Information gd-2.1.0-24.17 is installed OR gd-32bit-2.1.0-24.17 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.19 is installed OR kernel-default-extra-4.12.14-25.19 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.17 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed

BACK