Oval Definition:	oval:org.opensuse.security:def:45624
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Moderate) Description: This update for squid fixes the following issues: Security issue fixed: - CVE-2019-12529: Fixed a potential denial of service associated with HTTP Basic Authentication credentials (bsc#1141329). - CVE-2019-12525: Fixed a denial of service during processing of HTTP Digest Authentication credentials (bsc#1141332). - CVE-2019-13345: Fixed a cross site scripting vulnerability via user_name or auth parameter in cachemgr.cgi (bsc#1140738). Family: unix Class: patch Status: Reference(s): 1010399 1010405 1010406 1010408 1010409 1010421 1010423 1010424 1010425 1010426 1025108 1038425 1043008 1047281 1049219 1074235 1092611 1105012 1109961 1113160 1118599 1120374 1128935 1128937 1130746 1133100 1134195 1137990 1138822 1140738 1141329 1141332 1141661 1142038 1143913 1148177 1149429 1149792 1153090 1153277 1154738 1154940 1154968 1155372 1159105 1163871 1165921 1168310 1168930 1169605 1169786 1169936 1170231 1170302 1170557 1170741 1170939 1171687 1172462 1172524 1173274 1173455 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1175194 1178666 1178667 1178668 935393 959933 983922 CVE-2015-3243 CVE-2016-2830 CVE-2016-5289 CVE-2016-5292 CVE-2016-9063 CVE-2016-9067 CVE-2016-9068 CVE-2016-9069 CVE-2016-9071 CVE-2016-9073 CVE-2016-9075 CVE-2016-9076 CVE-2016-9077 CVE-2017-18922 CVE-2017-6318 CVE-2017-7789 CVE-2018-11763 CVE-2018-19869 CVE-2018-21247 CVE-2018-5150 CVE-2018-5151 CVE-2018-5152 CVE-2018-5153 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5160 CVE-2018-5163 CVE-2018-5164 CVE-2018-5165 CVE-2018-5166 CVE-2018-5167 CVE-2018-5168 CVE-2018-5169 CVE-2018-5172 CVE-2018-5173 CVE-2018-5174 CVE-2018-5175 CVE-2018-5176 CVE-2018-5177 CVE-2018-5178 CVE-2018-5179 CVE-2018-5180 CVE-2018-5181 CVE-2018-5182 CVE-2018-5183 CVE-2019-10215 CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-12525 CVE-2019-12529 CVE-2019-13345 CVE-2019-15043 CVE-2019-15903 CVE-2019-20839 CVE-2019-20840 CVE-2019-9704 CVE-2019-9705 CVE-2020-11008 CVE-2020-12245 CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 CVE-2020-13379 CVE-2020-14350 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14422 CVE-2020-15049 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-5260 SUSE-SU-2018:3582-2 SUSE-SU-2019:1990-1 SUSE-SU-2019:2089-1 SUSE-SU-2019:2872-1 SUSE-SU-2020:1295-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libimobiledevice6-1.2.0+git20170122.45fda81-lp150.1 is installed Definition Synopsis openSUSE Leap 42.3 is installed AND libopenjp2-7-2.1.0-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libecpg6-9.1.9-0.3 is installed OR libpq5-9.1.9-0.3 is installed OR libpq5-32bit-9.1.9-0.3 is installed OR postgresql91-9.1.9-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information xen-4.2.5_08-0.9 is installed OR xen-doc-html-4.2.5_08-0.9 is installed OR xen-doc-pdf-4.2.5_08-0.9 is installed OR xen-kmp-default-4.2.5_08_3.0.101_0.47.55-0.9 is installed OR xen-kmp-pae-4.2.5_08_3.0.101_0.47.55-0.9 is installed OR xen-libs-4.2.5_08-0.9 is installed OR xen-libs-32bit-4.2.5_08-0.9 is installed OR xen-tools-4.2.5_08-0.9 is installed OR xen-tools-domU-4.2.5_08-0.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND libdmx1-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND libneon27-0.30.0-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ecryptfs-utils-103-7 is installed OR ecryptfs-utils-32bit-103-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libXext6-1.3.2-4.3 is installed OR libXext6-32bit-1.3.2-4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information php7-7.2.5-4.35 is installed OR php7-embed-7.2.5-4.35 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information avahi-0.6.32-3 is installed OR avahi-compat-howl-devel-0.6.32-3 is installed OR avahi-compat-mDNSResponder-devel-0.6.32-3 is installed OR avahi-lang-0.6.32-3 is installed OR avahi-utils-0.6.32-3 is installed OR libavahi-client3-0.6.32-3 is installed OR libavahi-common3-0.6.32-3 is installed OR libavahi-core7-0.6.32-3 is installed OR libavahi-devel-0.6.32-3 is installed OR libdns_sd-0.6.32-3 is installed OR libhowl0-0.6.32-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information audit-devel-2.8.1-3 is installed OR libaudit1-2.8.1-3 is installed OR libaudit1-32bit-2.8.1-3 is installed OR libauparse0-2.8.1-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND nmap-7.70-3.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information conky-1.10.6-1 is installed OR conky-doc-1.10.6-1 is installed OR vim-plugin-conky-1.10.6-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libgme-devel-0.6.2-1 is installed OR libgme0-0.6.2-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-3.3 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-3.3 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-3.3 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_6-default-6-2 is installed OR kernel-livepatch-SLE15_Update_2-6-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information polkit-0.114-3.9 is installed OR polkit-doc-0.114-3.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information exempi-2.4.5-3.3 is installed OR exempi-tools-2.4.5-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python2-salt-2019.2.0-6.24 is installed OR salt-2019.2.0-6.24 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information qemu-2.11.2-9.28 is installed OR qemu-arm-2.11.2-9.28 is installed OR qemu-block-curl-2.11.2-9.28 is installed OR qemu-block-iscsi-2.11.2-9.28 is installed OR qemu-block-rbd-2.11.2-9.28 is installed OR qemu-block-ssh-2.11.2-9.28 is installed OR qemu-guest-agent-2.11.2-9.28 is installed OR qemu-ipxe-1.0.0+-9.28 is installed OR qemu-kvm-2.11.2-9.28 is installed OR qemu-lang-2.11.2-9.28 is installed OR qemu-ppc-2.11.2-9.28 is installed OR qemu-s390-2.11.2-9.28 is installed OR qemu-seabios-1.11.0-9.28 is installed OR qemu-sgabios-8-9.28 is installed OR qemu-vgabios-1.11.0-9.28 is installed OR qemu-x86-2.11.2-9.28 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information dpdk-18.11-2 is installed OR dpdk-devel-18.11-2 is installed OR dpdk-kmp-default-18.11_k4.12.14_195-2 is installed OR dpdk-tools-18.11-2 is installed OR libdpdk-18_11-18.11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180703-13.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libsnmp30-5.7.3-6.3 is installed OR libsnmp30-32bit-5.7.3-6.3 is installed OR net-snmp-5.7.3-6.3 is installed OR perl-SNMP-5.7.3-6.3 is installed OR snmp-mibs-5.7.3-6.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20180703-13.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND squid-3.5.21-26.29 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND squid-3.5.21-26.17 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS is installed AND squid-3.5.21-26.17 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-2.4.23-29.27 is installed OR apache2-doc-2.4.23-29.27 is installed OR apache2-example-pages-2.4.23-29.27 is installed OR apache2-prefork-2.4.23-29.27 is installed OR apache2-utils-2.4.23-29.27 is installed OR apache2-worker-2.4.23-29.27 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND apache2-2.4.23-29.27 is installed OR apache2-doc-2.4.23-29.27 is installed OR apache2-example-pages-2.4.23-29.27 is installed OR apache2-prefork-2.4.23-29.27 is installed OR apache2-utils-2.4.23-29.27 is installed OR apache2-worker-2.4.23-29.27 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4-ESPOS is installed AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gegl-0.2.0-10.3 is installed OR gegl-0_2-0.2.0-10.3 is installed OR gegl-0_2-lang-0.2.0-10.3 is installed OR libgegl-0_2-0-0.2.0-10.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libcares2-1.9.1-8 is installed OR libcares2-32bit-1.9.1-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information kernel-default-4.4.82-6.3 is installed OR kernel-default-extra-4.4.82-6.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information kernel-default-4.12.14-95.3 is installed OR kernel-default-extra-4.12.14-95.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR libavcodec-devel-3.4.2-4.12 is installed OR libavformat-devel-3.4.2-4.12 is installed OR libavformat57-3.4.2-4.12 is installed OR libavresample-devel-3.4.2-4.12 is installed OR libavresample3-3.4.2-4.12 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR kernel-default-extra-4.12.14-197.4 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.17.0-11.27 is installed
BACK