Oval Definition:oval:org.opensuse.security:def:50294
Revision Date:2020-12-01Version:1
Title:Security update for perl-Archive-Zip (Moderate)
Description:

This update for perl-Archive-Zip fixes the following security issue:

- CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could have used this flaw to write or overwrite arbitrary files in the context of the perl interpreter (bsc#1099497)
Family:unixClass:patch
Status:Reference(s):1012382
1031392
1037697
1046299
1046300
1046302
1046303
1046305
1046306
1046307
1046533
1046543
1047238
1048129
1050242
1050244
1050529
1050536
1050538
1050540
1050545
1050549
1050911
1051510
1054245
1054914
1055117
1055120
1055186
1056651
1056686
1056787
1058115
1058169
1058659
1060463
1060662
1061840
1061843
1064597
1064701
1064802
1065600
1065729
1066110
1066129
1066369
1068032
1071009
1071306
1071995
1073513
1075087
1075360
1075876
1077338
1077761
1077989
1078248
1079730
1082519
1082555
1082635
1083647
1085030
1085042
1085536
1085539
1086103
1086263
1086282
1086283
1086286
1086301
1086313
1086314
1086319
1086323
1086324
1086457
1086652
1087092
1087202
1087217
1087233
1087978
1088821
1088866
1089524
1089644
1090078
1090098
1090631
1090734
1090888
1091041
1091171
1091424
1091860
1092472
1093035
1093118
1093148
1093205
1093290
1093666
1094119
1094244
1094978
1095155
1095337
1096254
1096330
1096529
1096790
1096793
1097034
1097583
1097584
1097585
1097586
1097587
1097588
1097941
1097961
1098050
1098236
1098291
1098401
1098403
1098599
1098626
1098633
1098706
1098782
1098983
1098995
1099029
1099041
1099109
1099142
1099183
1099193
1099497
1099715
1099792
1099918
1099924
1099966
1100132
1100209
1100340
1100362
1100382
1100416
1100418
1100491
1100602
1100633
1100843
1100884
1101143
1101296
1101315
1101324
1101337
1101352
1101564
1101669
1101674
1101789
1101813
1101816
1102088
1102097
1102147
1102340
1102495
1102512
1102851
1103216
1103220
1103230
1103269
1103405
1103421
1103587
1103636
1103990
1104353
1104427
1104745
1104888
1104902
1104967
1105190
1105795
1106061
1106105
1106240
1106284
1106434
1106948
1107783
1107829
1107928
1107947
1108096
1108170
1108281
1108323
1108382
1108399
1108823
1109158
1109244
1109333
1109336
1109337
1109603
1109806
1109837
1109859
1109979
1109992
1110006
1110301
1110363
1110639
1110642
1110643
1110644
1110645
1110646
1110647
1110649
1110650
1111025
1111666
1112178
1112374
1112894
1112899
1112902
1112903
1112905
1112906
1112907
1113722
1113994
1114279
1114542
1115640
1117665
1118689
1119086
1119113
1119115
1119461
1119465
1120046
1120876
1120902
1122293
1122299
1123034
1123080
1123105
1123959
1124370
1127988
1129424
1129519
1129664
1131107
1131281
1131304
1131489
1131565
1132686
1133021
1133140
1134078
1134291
1134303
1134476
1134881
1134882
1134883
1135219
1135642
1135854
1135873
1135897
1135902
1135967
1135990
1136039
1136261
1136346
1136349
1136352
1136496
1136498
1136502
1136540
1136572
1136682
1136778
1137040
1137069
1137322
1137323
1137586
1137799
1137861
1137865
1137884
1137959
1137982
1138099
1138100
1138190
1138461
1138539
1139020
1139021
1139101
1139500
1140012
1140090
1140155
1140402
1140426
1140487
1140729
1140845
1140883
1141013
1141340
1141450
1141543
1141554
1141600
1142019
1142076
1142109
1142117
1142118
1142119
1142496
1142541
1142635
1142667
1142685
1142701
1142857
1143300
1143331
1143466
1143706
1143738
1143765
1143794
1143841
1143843
1143962
1144123
1144333
1144338
1144375
1144449
1144474
1144518
1144582
1144718
1144813
1144880
1144886
1144903
1144912
1144920
1144979
1145010
1145018
1145051
1145059
1145099
1145134
1145189
1145235
1145256
1145300
1145302
1145357
1145388
1145389
1145390
1145391
1145392
1145393
1145394
1145395
1145396
1145397
1145408
1145409
1145446
1145661
1145678
1145687
1145920
1145922
1145934
1145937
1145940
1145941
1145942
1145946
1146042
1146074
1146084
1146141
1146163
1146215
1146285
1146346
1146351
1146352
1146361
1146368
1146376
1146378
1146381
1146391
1146399
1146413
1146425
1146512
1146514
1146516
1146519
1146524
1146526
1146529
1146531
1146540
1146543
1146547
1146550
1146575
1146589
1146612
1146664
1146678
1146938
1148031
1148032
1148033
1148034
1148035
1148093
1148133
1148192
1148196
1148198
1148202
1148219
1148297
1148303
1148308
1148363
1148379
1148394
1148410
1148527
1148570
1148574
1148616
1148617
1148619
1148698
1148712
1148859
1148868
1149053
1149083
1149104
1149105
1149106
1149119
1149197
1149214
1149224
1149313
1149325
1149376
1149413
1149418
1149424
1149446
1149522
1149527
1149539
1149552
1149555
1149591
1149602
1149612
1149626
1149651
1149652
1149713
1149853
1149940
1149976
1150025
1150033
1150112
1150305
1150381
1150423
1150452
1150457
1150465
1150562
1150727
1150846
1150860
1150861
1150875
1150933
1151067
1151192
1151350
1151508
1151610
1151661
1151662
1151667
1151680
1151807
1151891
1151955
1152024
1152025
1152026
1152033
1152161
1152187
1152243
1152325
1152457
1152460
1152466
1152525
1152624
1152665
1152685
1152696
1152697
1152788
1152790
1152791
1152972
1152974
1152975
1153112
1153158
1153236
1153263
1153476
1153509
1153607
1153646
1153681
1153713
1153717
1153718
1153719
1153811
1153969
1154108
1154189
1154242
1154268
1154354
1154372
1154521
1154578
1154607
1154608
1154610
1154611
1154651
1154737
1154747
1154848
1154858
1154905
1154956
1155061
1155178
1155179
1155184
1155186
1155671
1163985
1165631
1171437
1172307
1172491
1173159
1173160
1173161
1173359
1174186
1174247
1177914
CVE-2017-18344
CVE-2017-18551
CVE-2017-18595
CVE-2017-5753
CVE-2018-1000135
CVE-2018-10860
CVE-2018-1118
CVE-2018-11212
CVE-2018-12207
CVE-2018-13053
CVE-2018-13405
CVE-2018-13406
CVE-2018-14633
CVE-2018-17182
CVE-2018-17953
CVE-2018-20976
CVE-2018-21008
CVE-2018-5390
CVE-2018-9385
CVE-2019-10207
CVE-2019-10220
CVE-2019-11135
CVE-2019-11477
CVE-2019-12155
CVE-2019-12855
CVE-2019-13164
CVE-2019-14378
CVE-2019-14814
CVE-2019-14815
CVE-2019-14816
CVE-2019-14821
CVE-2019-14835
CVE-2019-15030
CVE-2019-15031
CVE-2019-15090
CVE-2019-15098
CVE-2019-15099
CVE-2019-15117
CVE-2019-15118
CVE-2019-15211
CVE-2019-15212
CVE-2019-15214
CVE-2019-15215
CVE-2019-15216
CVE-2019-15217
CVE-2019-15218
CVE-2019-15219
CVE-2019-15220
CVE-2019-15221
CVE-2019-15222
CVE-2019-15239
CVE-2019-15290
CVE-2019-15291
CVE-2019-15292
CVE-2019-15538
CVE-2019-15666
CVE-2019-15902
CVE-2019-15917
CVE-2019-15919
CVE-2019-15920
CVE-2019-15921
CVE-2019-15924
CVE-2019-15926
CVE-2019-15927
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16995
CVE-2019-17056
CVE-2019-17133
CVE-2019-17666
CVE-2019-2422
CVE-2019-6470
CVE-2019-9456
CVE-2019-9506
CVE-2020-10730
CVE-2020-10745
CVE-2020-10760
CVE-2020-13790
CVE-2020-14303
CVE-2020-14331
CVE-2020-15780
CVE-2020-15999
CVE-2020-1720
CVE-2020-1749
SUSE-SU-2018:2222-1
SUSE-SU-2018:2386-1
SUSE-SU-2018:3158-1
SUSE-SU-2018:3965-1
SUSE-SU-2019:0574-1
SUSE-SU-2019:1369-1
SUSE-SU-2019:2212-1
SUSE-SU-2019:2246-1
SUSE-SU-2019:2657-1
SUSE-SU-2019:2658-1
SUSE-SU-2019:2952-1
SUSE-SU-2020:0589-1
SUSE-SU-2020:2517-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND clamav-0.97.8-0.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.508-0.14 is installed
  • OR flash-player-gnome-11.2.202.508-0.14 is installed
  • OR flash-player-kde4-11.2.202.508-0.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND argyllcms-1.6.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • coreutils-8.22-9 is installed
  • OR coreutils-lang-8.22-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • coreutils-8.25-12 is installed
  • OR coreutils-lang-8.25-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • emacs-24.3-19 is installed
  • OR emacs-info-24.3-19 is installed
  • OR emacs-x11-24.3-19 is installed
  • OR etags-24.3-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND perl-Archive-Zip-1.60-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.22 is installed
  • OR kernel-default-livepatch-4.12.14-25.22 is installed
  • OR kernel-livepatch-4_12_14-25_22-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_6-1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_45-default-2-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_12-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • NetworkManager-1.10.6-5.6 is installed
  • OR NetworkManager-branding-upstream-1.10.6-5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • python-Twisted-17.9.0-3.6 is installed
  • OR python-Twisted-doc-17.9.0-3.6 is installed
  • OR python2-Twisted-17.9.0-3.6 is installed
  • OR python3-Twisted-17.9.0-3.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • libsamba-policy-python-devel-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR libsamba-policy0-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR libsamba-policy0-32bit-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-libs-python-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-libs-python-32bit-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-python-4.9.5+git.343.4bc358522a9-3.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.8 is installed
  • OR kernel-azure-base-4.12.14-5.8 is installed
  • OR kernel-azure-devel-4.12.14-5.8 is installed
  • OR kernel-devel-azure-4.12.14-5.8 is installed
  • OR kernel-source-azure-4.12.14-5.8 is installed
  • OR kernel-syms-azure-4.12.14-5.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • kernel-azure-4.12.14-8.16 is installed
  • OR kernel-azure-base-4.12.14-8.16 is installed
  • OR kernel-azure-devel-4.12.14-8.16 is installed
  • OR kernel-devel-azure-4.12.14-8.16 is installed
  • OR kernel-source-azure-4.12.14-8.16 is installed
  • OR kernel-syms-azure-4.12.14-8.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • ovmf-2017+git1510945757.b2662641d5-5.14 is installed
  • OR ovmf-tools-2017+git1510945757.b2662641d5-5.14 is installed
  • OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.14 is installed
  • OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • salt-2019.2.0-6.27 is installed
  • OR salt-api-2019.2.0-6.27 is installed
  • OR salt-cloud-2019.2.0-6.27 is installed
  • OR salt-fish-completion-2019.2.0-6.27 is installed
  • OR salt-master-2019.2.0-6.27 is installed
  • OR salt-proxy-2019.2.0-6.27 is installed
  • OR salt-ssh-2019.2.0-6.27 is installed
  • OR salt-standalone-formulas-configuration-2019.2.0-6.27 is installed
  • OR salt-syndic-2019.2.0-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • dpdk-19.11.4-3.9 is installed
  • OR dpdk-devel-19.11.4-3.9 is installed
  • OR dpdk-kmp-default-19.11.4_k5.3.18_24.15-3.9 is installed
  • OR dpdk-thunderx-19.11.4-3.9 is installed
  • OR dpdk-thunderx-devel-19.11.4-3.9 is installed
  • OR dpdk-thunderx-kmp-default-19.11.4_k5.3.18_24.15-3.9 is installed
  • OR dpdk-tools-19.11.4-3.9 is installed
  • OR libdpdk-20_0-19.11.4-3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • nodejs10-10.15.2-1.6 is installed
  • OR nodejs10-devel-10.15.2-1.6 is installed
  • OR nodejs10-docs-10.15.2-1.6 is installed
  • OR npm10-10.15.2-1.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cvs-1.12.12-181 is installed
  • OR cvs-doc-1.12.12-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-firmware-20160516git-10.13 is installed
  • OR ucode-amd-20160516git-10.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • openssh-7.2p2-74.25 is installed
  • OR openssh-askpass-gnome-7.2p2-74.25 is installed
  • OR openssh-fips-7.2p2-74.25 is installed
  • OR openssh-helpers-7.2p2-74.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND ant-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • dovecot22-2.2.31-19.17 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.17 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.17 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • xen-4.9.3_03-3.44 is installed
  • OR xen-doc-html-4.9.3_03-3.44 is installed
  • OR xen-libs-4.9.3_03-3.44 is installed
  • OR xen-libs-32bit-4.9.3_03-3.44 is installed
  • OR xen-tools-4.9.3_03-3.44 is installed
  • OR xen-tools-domU-4.9.3_03-3.44 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • wicked-0.6.60-3.21 is installed
  • OR wicked-service-0.6.60-3.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND squid-4.11-5.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • openconnect-7.08-6.3 is installed
  • OR openconnect-devel-7.08-6.3 is installed
  • OR openconnect-lang-7.08-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libraw-0.18.9-3.11 is installed
  • OR libraw-devel-0.18.9-3.11 is installed
  • OR libraw16-0.18.9-3.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND docker-1.10.3-66 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-glance-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-api-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-doc-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-glare-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-registry-13.0.1~a0~dev6-4.3 is installed
  • OR python-glance-13.0.1~a0~dev6-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-urllib3-1.22-5.6 is installed
    • BACK