Oval Definition:	oval:org.opensuse.security:def:4769
Revision Date: 2020-12-02 Version: 1 Title: Security update for 389-ds (Important) Description: This update for 389-ds fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-10850: Fixed a race condition on reference counter that would lead to a denial of service using persistent search (bsc#1096368) - CVE-2017-15134: Fixed a remote denial of service via search filters in slapi_filter_sprintf in slapd/util.c (bsc#1076530) - CVE-2017-15135: Fixed authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (bsc#1076530) - CVE-2018-10935: Fixed an issue that allowed users to cause a crash via ldapsearch with server side sorts (bsc#1105606) - CVE-2018-14624: The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(), allowing an attacker to send a flood of modifications to a very large DN, which could have caused slapd to crash (bsc#1106699). Family: unix Class: patch Status: Reference(s): 1000019 1004465 1050549 1051510 1052904 1053043 1055117 1055121 1061840 1065600 1065729 1070872 1076530 1081947 1082293 1082555 1083647 1085196 1085535 1085536 1088804 1094244 1096368 1097583 1097584 1097585 1097586 1097587 1097588 1100132 1103259 1105606 1106214 1106699 1111331 1112128 1112178 1113399 1113722 1114279 1114542 1114638 1119086 1119680 1120318 1120902 1121197 1122417 1122767 1123105 1125342 1125886 1126221 1126356 1126704 1126740 1127175 1127371 1127372 1127374 1127378 1127445 1128415 1128544 1129276 1129770 1130130 1130154 1130195 1130335 1130336 1130337 1130338 1130425 1130427 1130518 1130527 1130567 1131062 1131107 1131167 1131168 1131169 1131170 1131171 1131172 1131173 1131174 1131175 1131176 1131177 1131178 1131179 1131180 1131290 1131335 1131336 1131416 1131427 1131442 1131467 1131574 1131587 1131659 1131673 1131847 1131848 1131851 1131900 1131934 1131935 1132083 1132219 1132226 1132227 1132365 1132368 1132369 1132370 1132372 1132373 1132384 1132397 1132402 1132403 1132404 1132405 1132407 1132411 1132412 1132413 1132414 1132426 1132527 1132531 1132555 1132558 1132561 1132562 1132563 1132564 1132570 1132571 1132572 1132589 1132618 1132681 1132726 1132828 1132943 1133005 1133094 1133095 1133115 1133149 1133486 1133529 1133534 1133584 1133667 1133668 1133672 1133674 1133675 1133698 1133702 1133731 1133769 1133772 1133774 1133778 1133779 1133780 1133825 1133850 1133851 1133852 1135534 1135708 1141861 1141862 1146098 1146105 1146107 1154824 1156015 1156353 1158328 1160594 1160764 1161779 1163922 1167462 1169511 1171477 1172466 1172810 1173674 1174157 1176579 353876 CVE-2014-1829 CVE-2014-1830 CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188 CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192 CVE-2016-5193 CVE-2017-15134 CVE-2017-15135 CVE-2018-10850 CVE-2018-10935 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-14624 CVE-2018-16880 CVE-2019-11091 CVE-2019-11745 CVE-2019-13722 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-3688 CVE-2019-3690 CVE-2019-3882 CVE-2019-5068 CVE-2019-9003 CVE-2019-9500 CVE-2019-9503 CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-1472 CVE-2020-15503 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2767 CVE-2020-2773 CVE-2020-2778 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2816 CVE-2020-2830 CVE-2020-8013 SUSE-SU-2016:2597-1 SUSE-SU-2019:1207-1 SUSE-SU-2019:2231-1 SUSE-SU-2019:2392-1 SUSE-SU-2019:3339-1 SUSE-SU-2020:0111-1 SUSE-SU-2020:1163-1 SUSE-SU-2020:1334-1 SUSE-SU-2020:1511-1 SUSE-SU-2020:1600-1 SUSE-SU-2020:2029-1 SUSE-SU-2020:2143-1 SUSE-SU-2020:2719-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-requests-2.3.0-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information cups-1.7.5-2 is installed OR cups-client-1.7.5-2 is installed OR cups-libs-1.7.5-2 is installed OR cups-libs-32bit-1.7.5-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cups-1.7.5-19 is installed OR cups-client-1.7.5-19 is installed OR cups-libs-1.7.5-19 is installed OR cups-libs-32bit-1.7.5-19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND Package Information ctdb-4.2.4-18.44.2 is installed OR samba-4.2.4-18.44.2 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND python-PyYAML-3.10-17 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND haproxy-1.6.11-10 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND lighttpd-1.4.35-3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_39-47-default-1-2.1 is installed OR kgraft-patch-3_12_39-47-xen-1-2.1 is installed OR kgraft-patch-SLE12_Update_4-1-2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information 389-ds-1.4.0.3-4.7 is installed OR 389-ds-devel-1.4.0.3-4.7 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information git-2.12.3-27.17 is installed OR git-core-2.12.3-27.17 is installed OR git-doc-2.12.3-27.17 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND amavisd-new-2.7.0-18.7.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-24.5.0esr-0.8.1 is installed OR MozillaFirefox-branding-SLED-24-0.7.36 is installed OR MozillaFirefox-translations-24.5.0esr-0.8.1 is installed OR libfreebl3-3.16-0.8.1 is installed OR libfreebl3-32bit-3.16-0.8.1 is installed OR libfreebl3-x86-3.16-0.8.1 is installed OR libsoftokn3-3.16-0.8.1 is installed OR libsoftokn3-32bit-3.16-0.8.1 is installed OR libsoftokn3-x86-3.16-0.8.1 is installed OR mozilla-nspr-4.10.4-0.3.1 is installed OR mozilla-nspr-32bit-4.10.4-0.3.1 is installed OR mozilla-nspr-x86-4.10.4-0.3.1 is installed OR mozilla-nss-3.16-0.8.1 is installed OR mozilla-nss-32bit-3.16-0.8.1 is installed OR mozilla-nss-tools-3.16-0.8.1 is installed OR mozilla-nss-x86-3.16-0.8.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND MozillaFirefox-24.5.0esr-0.8.1 is installed OR MozillaFirefox-branding-SLED-24-0.7.36 is installed OR MozillaFirefox-translations-24.5.0esr-0.8.1 is installed OR libfreebl3-3.16-0.8.1 is installed OR libfreebl3-32bit-3.16-0.8.1 is installed OR libfreebl3-x86-3.16-0.8.1 is installed OR libsoftokn3-3.16-0.8.1 is installed OR libsoftokn3-32bit-3.16-0.8.1 is installed OR libsoftokn3-x86-3.16-0.8.1 is installed OR mozilla-nspr-4.10.4-0.3.1 is installed OR mozilla-nspr-32bit-4.10.4-0.3.1 is installed OR mozilla-nspr-x86-4.10.4-0.3.1 is installed OR mozilla-nss-3.16-0.8.1 is installed OR mozilla-nss-32bit-3.16-0.8.1 is installed OR mozilla-nss-tools-3.16-0.8.1 is installed OR mozilla-nss-x86-3.16-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information MozillaFirefox-17.0.4esr-0.10.42 is installed OR MozillaFirefox-translations-17.0.4esr-0.10.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information java-1_7_0-openjdk-1.7.0.71-6.2 is installed OR java-1_7_0-openjdk-demo-1.7.0.71-6.2 is installed OR java-1_7_0-openjdk-devel-1.7.0.71-6.2 is installed OR java-1_7_0-openjdk-headless-1.7.0.71-6.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libgudev-1_0-0-210-83 is installed OR libgudev-1_0-0-32bit-210-83 is installed OR libudev1-210-83 is installed OR libudev1-32bit-210-83 is installed OR systemd-210-83 is installed OR systemd-32bit-210-83 is installed OR systemd-bash-completion-210-83 is installed OR systemd-sysvinit-210-83 is installed OR udev-210-83 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bzip2-1.0.6-29 is installed OR bzip2-doc-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_45-default-2-2.3 is installed OR kgraft-patch-3_12_55-52_45-xen-2-2.3 is installed OR kgraft-patch-SLE12_Update_13-2-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND permissions-20180125-3.21 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information java-1_7_0-ibm-1.7.0_sr9.20-42.1 is installed OR java-1_7_0-ibm-devel-1.7.0_sr9.20-42.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information xen-4.4.4_07-37.1 is installed OR xen-devel-4.4.4_07-37.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND freetype2-devel-2.5.3-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-150.17 is installed OR kernel-default-extra-4.12.14-150.17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information Mesa-dri-nouveau-18.3.2-34.9 is installed OR Mesa-drivers-18.3.2-34.9 is installed OR libXvMC_nouveau-18.3.2-34.9 is installed OR libvdpau_nouveau-18.3.2-34.9 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libraw-0.18.9-3.11 is installed OR libraw-devel-0.18.9-3.11 is installed OR libraw16-0.18.9-3.11 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-54.0.2840.59-109 is installed OR chromium-54.0.2840.59-109 is installed OR chromium-ffmpegsumo-54.0.2840.59-109 is installed
BACK