Oval Definition:	oval:org.opensuse.security:def:4752
Revision Date: 2021-03-03 Version: 1 Title: Security update for openldap2 (Important) Description: This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Family: unix Class: patch Status: Reference(s): 1051510 1055117 1055186 1058115 1065600 1065729 1071995 1083647 1083710 1091610 1094244 1100356 1102247 1102687 1102688 1102689 1102899 1103991 1103992 1104199 1104202 1104745 1106531 1109837 1111666 1112374 1119222 1123080 1125401 1127034 1127315 1127611 1129770 1130972 1132091 1133021 1134090 1134097 1134390 1134399 1135335 1135642 1136217 1136342 1136460 1136461 1136462 1136467 1136666 1137458 1137534 1137535 1137584 1137609 1137811 1137827 1138874 1139358 1139619 1140133 1140139 1140322 1140559 1140652 1140676 1140903 1140945 1140948 1141312 1141401 1141402 1141452 1141453 1141454 1141478 1141558 1142023 1142052 1142083 1142112 1142115 1142119 1142220 1142221 1142254 1142350 1142351 1142354 1142359 1142450 1142623 1142673 1142701 1142825 1142832 1142835 1142868 1143003 1143045 1143105 1143185 1143189 1143191 1143209 1143507 1143650 1144524 1146848 1152148 1152472 1152489 1153274 1154353 1155518 1155798 1156395 1162689 1162691 1164692 1164825 1164860 1166847 1167373 1167527 1169659 1169740 1170232 1170313 1170603 1170774 1171000 1171068 1171073 1171355 1171558 1171688 1171742 1172419 1172651 1172757 1172873 1173017 1173060 1173115 1173267 1173334 1173746 1174029 1174110 1174111 1174358 1174484 1174486 1174538 1174899 1175193 1175194 1175263 1175667 1175718 1175749 1175787 1175882 1175952 1175996 1175997 1175998 1175999 1176000 1176001 1176019 1176022 1176038 1176063 1176137 1176235 1176236 1176237 1176242 1176278 1176357 1176358 1176359 1176360 1176361 1176362 1176363 1176364 1176365 1176366 1176367 1176381 1176423 1176449 1176482 1176486 1176507 1176536 1176537 1176538 1176539 1176540 1176541 1176542 1176544 1176545 1176546 1176548 1176558 1176559 1176587 1176588 1176659 1176698 1176699 1176700 1176721 1176722 1176725 1176732 1176763 1176775 1176788 1176789 1176833 1176869 1176877 1176925 1176962 1176980 1176990 1177021 1177030 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419 1182420 992038 CVE-2018-10915 CVE-2018-10925 CVE-2018-1115 CVE-2018-13302 CVE-2018-16140 CVE-2018-1999010 CVE-2018-1999011 CVE-2018-1999012 CVE-2018-1999013 CVE-2018-20855 CVE-2018-8956 CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 CVE-2019-11023 CVE-2019-1125 CVE-2019-11810 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-13456 CVE-2019-13631 CVE-2019-13648 CVE-2019-14275 CVE-2019-14283 CVE-2019-14284 CVE-2019-17185 CVE-2019-17569 CVE-2019-18860 CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-11868 CVE-2020-11945 CVE-2020-12268 CVE-2020-13817 CVE-2020-14349 CVE-2020-14350 CVE-2020-14385 CVE-2020-14390 CVE-2020-15025 CVE-2020-15652 CVE-2020-15659 CVE-2020-1935 CVE-2020-1938 CVE-2020-25212 CVE-2020-25284 CVE-2020-26088 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2020-6463 CVE-2020-6514 CVE-2020-8517 CVE-2021-27212 SUSE-SU-2018:2305-1 SUSE-SU-2018:2564-1 SUSE-SU-2019:1267-1 SUSE-SU-2019:1291-1 SUSE-SU-2019:2033-1 SUSE-SU-2019:2073-1 SUSE-SU-2020:0598-1 SUSE-SU-2020:1023-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:1220-1 SUSE-SU-2020:1823-1 SUSE-SU-2020:2179-1 SUSE-SU-2020:2264-1 SUSE-SU-2020:2879-1 SUSE-SU-2020:2951-1 SUSE-SU-2021:0692-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-Jinja2-2.7.3-4.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND autofs-5.0.9-21 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.3.1 is installed OR samba-4.2.4-28.3.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information apache-commons-beanutils-1.9.2-3.3 is installed OR apache-commons-beanutils-javadoc-1.9.2-3.3 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information libecpg6-10.5-4.5 is installed OR postgresql10-10.5-4.5 is installed OR postgresql10-contrib-10.5-4.5 is installed OR postgresql10-devel-10.5-4.5 is installed OR postgresql10-docs-10.5-4.5 is installed OR postgresql10-plperl-10.5-4.5 is installed OR postgresql10-plpython-10.5-4.5 is installed OR postgresql10-pltcl-10.5-4.5 is installed OR postgresql10-server-10.5-4.5 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information postgresql96-9.6.10-3.22 is installed OR postgresql96-contrib-9.6.10-3.22 is installed OR postgresql96-docs-9.6.10-3.22 is installed OR postgresql96-libs-9.6.10-3.22 is installed OR postgresql96-server-9.6.10-3.22 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND xorg-x11-libxcb-7.4-1.22.5.1 is installed OR xorg-x11-libxcb-32bit-7.4-1.22.5.1 is installed OR xorg-x11-libxcb-x86-7.4-1.22.5.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND xorg-x11-libxcb-7.4-1.22.5.1 is installed OR xorg-x11-libxcb-32bit-7.4-1.22.5.1 is installed OR xorg-x11-libxcb-x86-7.4-1.22.5.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information curl-7.19.7-1.18.1 is installed OR libcurl4-7.19.7-1.18.1 is installed OR libcurl4-32bit-7.19.7-1.18.1 is installed OR libcurl4-x86-7.19.7-1.18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information Mesa-9.0.3-0.17.1 is installed OR Mesa-32bit-9.0.3-0.17.1 is installed OR Mesa-x86-9.0.3-0.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information flac-1.3.0-6.1 is installed OR libFLAC++6-1.3.0-6.1 is installed OR libFLAC8-1.3.0-6.1 is installed OR libFLAC8-32bit-1.3.0-6.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libapr-util1-1.5.3-1 is installed OR libapr-util1-dbd-sqlite3-1.5.3-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_45-default-2-2.3 is installed OR kgraft-patch-3_12_55-52_45-xen-2-2.3 is installed OR kgraft-patch-SLE12_Update_13-2-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information tomcat-9.0.31-3.42 is installed OR tomcat-admin-webapps-9.0.31-3.42 is installed OR tomcat-el-3_0-api-9.0.31-3.42 is installed OR tomcat-jsp-2_3-api-9.0.31-3.42 is installed OR tomcat-lib-9.0.31-3.42 is installed OR tomcat-servlet-4_0-api-9.0.31-3.42 is installed OR tomcat-webapps-9.0.31-3.42 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND compat-libldap-2_3-0-2.3.37-39.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information freeradius-server-3.0.16-3.6 is installed OR freeradius-server-devel-3.0.16-3.6 is installed OR freeradius-server-krb5-3.0.16-3.6 is installed OR freeradius-server-ldap-3.0.16-3.6 is installed OR freeradius-server-libs-3.0.16-3.6 is installed OR freeradius-server-mysql-3.0.16-3.6 is installed OR freeradius-server-perl-3.0.16-3.6 is installed OR freeradius-server-postgresql-3.0.16-3.6 is installed OR freeradius-server-python-3.0.16-3.6 is installed OR freeradius-server-sqlite-3.0.16-3.6 is installed OR freeradius-server-utils-3.0.16-3.6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information glibc-2.11.3-17.87.3 is installed OR glibc-html-2.11.3-17.87.3 is installed OR glibc-info-2.11.3-17.87.3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libldb-devel-3.6.3-67.2 is installed OR libnetapi-devel-3.6.3-67.2 is installed OR libnetapi0-3.6.3-67.2 is installed OR libsmbclient-devel-3.6.3-67.2 is installed OR libsmbsharemodes-devel-3.6.3-67.2 is installed OR libsmbsharemodes0-3.6.3-67.2 is installed OR libtalloc-devel-3.6.3-67.2 is installed OR libtdb-devel-3.6.3-67.2 is installed OR libtevent-devel-3.6.3-67.2 is installed OR libwbclient-devel-3.6.3-67.2 is installed OR samba-3.6.3-67.2 is installed OR samba-devel-3.6.3-67.2 is installed OR samba-test-3.6.3-67.2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND checkbashisms-2.12.6-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND accountsservice-devel-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND gc-devel-7.2d-3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.5 is installed OR libavcodec-devel-3.4.2-4.5 is installed OR libavformat-devel-3.4.2-4.5 is installed OR libavformat57-3.4.2-4.5 is installed OR libavresample-devel-3.4.2-4.5 is installed OR libavresample3-3.4.2-4.5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.15 is installed OR kernel-default-extra-4.12.14-197.15 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-68.11.0-3.91 is installed OR MozillaThunderbird-translations-common-68.11.0-3.91 is installed OR MozillaThunderbird-translations-other-68.11.0-3.91 is installed
BACK