Oval Definition:	oval:org.opensuse.security:def:50294
Revision Date: 2020-12-01 Version: 1 Title: Security update for perl-Archive-Zip (Moderate) Description: This update for perl-Archive-Zip fixes the following security issue: - CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could have used this flaw to write or overwrite arbitrary files in the context of the perl interpreter (bsc#1099497) Family: unix Class: patch Status: Reference(s): 1012382 1031392 1037697 1046299 1046300 1046302 1046303 1046305 1046306 1046307 1046533 1046543 1047238 1048129 1050242 1050244 1050529 1050536 1050538 1050540 1050545 1050549 1050911 1051510 1054245 1054914 1055117 1055120 1055186 1056651 1056686 1056787 1058115 1058169 1058659 1060463 1060662 1061840 1061843 1064597 1064701 1064802 1065600 1065729 1066110 1066129 1066369 1068032 1071009 1071306 1071995 1073513 1075087 1075360 1075876 1077338 1077761 1077989 1078248 1079730 1082519 1082555 1082635 1083647 1085030 1085042 1085536 1085539 1086103 1086263 1086282 1086283 1086286 1086301 1086313 1086314 1086319 1086323 1086324 1086457 1086652 1087092 1087202 1087217 1087233 1087978 1088821 1088866 1089524 1089644 1090078 1090098 1090631 1090734 1090888 1091041 1091171 1091424 1091860 1092472 1093035 1093118 1093148 1093205 1093290 1093666 1094119 1094244 1094978 1095155 1095337 1096254 1096330 1096529 1096790 1096793 1097034 1097583 1097584 1097585 1097586 1097587 1097588 1097941 1097961 1098050 1098236 1098291 1098401 1098403 1098599 1098626 1098633 1098706 1098782 1098983 1098995 1099029 1099041 1099109 1099142 1099183 1099193 1099497 1099715 1099792 1099918 1099924 1099966 1100132 1100209 1100340 1100362 1100382 1100416 1100418 1100491 1100602 1100633 1100843 1100884 1101143 1101296 1101315 1101324 1101337 1101352 1101564 1101669 1101674 1101789 1101813 1101816 1102088 1102097 1102147 1102340 1102495 1102512 1102851 1103216 1103220 1103230 1103269 1103405 1103421 1103587 1103636 1103990 1104353 1104427 1104745 1104888 1104902 1104967 1105190 1105795 1106061 1106105 1106240 1106284 1106434 1106948 1107783 1107829 1107928 1107947 1108096 1108170 1108281 1108323 1108382 1108399 1108823 1109158 1109244 1109333 1109336 1109337 1109603 1109806 1109837 1109859 1109979 1109992 1110006 1110301 1110363 1110639 1110642 1110643 1110644 1110645 1110646 1110647 1110649 1110650 1111025 1111666 1112178 1112374 1112894 1112899 1112902 1112903 1112905 1112906 1112907 1113722 1113994 1114279 1114542 1115640 1117665 1118689 1119086 1119113 1119115 1119461 1119465 1120046 1120876 1120902 1122293 1122299 1123034 1123080 1123105 1123959 1124370 1127988 1129424 1129519 1129664 1131107 1131281 1131304 1131489 1131565 1132686 1133021 1133140 1134078 1134291 1134303 1134476 1134881 1134882 1134883 1135219 1135642 1135854 1135873 1135897 1135902 1135967 1135990 1136039 1136261 1136346 1136349 1136352 1136496 1136498 1136502 1136540 1136572 1136682 1136778 1137040 1137069 1137322 1137323 1137586 1137799 1137861 1137865 1137884 1137959 1137982 1138099 1138100 1138190 1138461 1138539 1139020 1139021 1139101 1139500 1140012 1140090 1140155 1140402 1140426 1140487 1140729 1140845 1140883 1141013 1141340 1141450 1141543 1141554 1141600 1142019 1142076 1142109 1142117 1142118 1142119 1142496 1142541 1142635 1142667 1142685 1142701 1142857 1143300 1143331 1143466 1143706 1143738 1143765 1143794 1143841 1143843 1143962 1144123 1144333 1144338 1144375 1144449 1144474 1144518 1144582 1144718 1144813 1144880 1144886 1144903 1144912 1144920 1144979 1145010 1145018 1145051 1145059 1145099 1145134 1145189 1145235 1145256 1145300 1145302 1145357 1145388 1145389 1145390 1145391 1145392 1145393 1145394 1145395 1145396 1145397 1145408 1145409 1145446 1145661 1145678 1145687 1145920 1145922 1145934 1145937 1145940 1145941 1145942 1145946 1146042 1146074 1146084 1146141 1146163 1146215 1146285 1146346 1146351 1146352 1146361 1146368 1146376 1146378 1146381 1146391 1146399 1146413 1146425 1146512 1146514 1146516 1146519 1146524 1146526 1146529 1146531 1146540 1146543 1146547 1146550 1146575 1146589 1146612 1146664 1146678 1146938 1148031 1148032 1148033 1148034 1148035 1148093 1148133 1148192 1148196 1148198 1148202 1148219 1148297 1148303 1148308 1148363 1148379 1148394 1148410 1148527 1148570 1148574 1148616 1148617 1148619 1148698 1148712 1148859 1148868 1149053 1149083 1149104 1149105 1149106 1149119 1149197 1149214 1149224 1149313 1149325 1149376 1149413 1149418 1149424 1149446 1149522 1149527 1149539 1149552 1149555 1149591 1149602 1149612 1149626 1149651 1149652 1149713 1149853 1149940 1149976 1150025 1150033 1150112 1150305 1150381 1150423 1150452 1150457 1150465 1150562 1150727 1150846 1150860 1150861 1150875 1150933 1151067 1151192 1151350 1151508 1151610 1151661 1151662 1151667 1151680 1151807 1151891 1151955 1152024 1152025 1152026 1152033 1152161 1152187 1152243 1152325 1152457 1152460 1152466 1152525 1152624 1152665 1152685 1152696 1152697 1152788 1152790 1152791 1152972 1152974 1152975 1153112 1153158 1153236 1153263 1153476 1153509 1153607 1153646 1153681 1153713 1153717 1153718 1153719 1153811 1153969 1154108 1154189 1154242 1154268 1154354 1154372 1154521 1154578 1154607 1154608 1154610 1154611 1154651 1154737 1154747 1154848 1154858 1154905 1154956 1155061 1155178 1155179 1155184 1155186 1155671 1163985 1165631 1171437 1172307 1172491 1173159 1173160 1173161 1173359 1174186 1174247 1177914 CVE-2017-18344 CVE-2017-18551 CVE-2017-18595 CVE-2017-5753 CVE-2018-1000135 CVE-2018-10860 CVE-2018-1118 CVE-2018-11212 CVE-2018-12207 CVE-2018-13053 CVE-2018-13405 CVE-2018-13406 CVE-2018-14633 CVE-2018-17182 CVE-2018-17953 CVE-2018-20976 CVE-2018-21008 CVE-2018-5390 CVE-2018-9385 CVE-2019-10207 CVE-2019-10220 CVE-2019-11135 CVE-2019-11477 CVE-2019-12155 CVE-2019-12855 CVE-2019-13164 CVE-2019-14378 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-15030 CVE-2019-15031 CVE-2019-15090 CVE-2019-15098 CVE-2019-15099 CVE-2019-15117 CVE-2019-15118 CVE-2019-15211 CVE-2019-15212 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15222 CVE-2019-15239 CVE-2019-15290 CVE-2019-15291 CVE-2019-15292 CVE-2019-15538 CVE-2019-15666 CVE-2019-15902 CVE-2019-15917 CVE-2019-15919 CVE-2019-15920 CVE-2019-15921 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-2422 CVE-2019-6470 CVE-2019-9456 CVE-2019-9506 CVE-2020-10730 CVE-2020-10745 CVE-2020-10760 CVE-2020-13790 CVE-2020-14303 CVE-2020-14331 CVE-2020-15780 CVE-2020-15999 CVE-2020-1720 CVE-2020-1749 SUSE-SU-2018:2222-1 SUSE-SU-2018:2386-1 SUSE-SU-2018:3158-1 SUSE-SU-2018:3965-1 SUSE-SU-2019:0574-1 SUSE-SU-2019:1369-1 SUSE-SU-2019:2212-1 SUSE-SU-2019:2246-1 SUSE-SU-2019:2657-1 SUSE-SU-2019:2658-1 SUSE-SU-2019:2952-1 SUSE-SU-2020:0589-1 SUSE-SU-2020:2517-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND clamav-0.97.8-0.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.508-0.14 is installed OR flash-player-gnome-11.2.202.508-0.14 is installed OR flash-player-kde4-11.2.202.508-0.14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND argyllcms-1.6.3-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information coreutils-8.22-9 is installed OR coreutils-lang-8.22-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information emacs-24.3-19 is installed OR emacs-info-24.3-19 is installed OR emacs-x11-24.3-19 is installed OR etags-24.3-19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND clamav-0.100.2-33.18 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND perl-Archive-Zip-1.60-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.22 is installed OR kernel-default-livepatch-4.12.14-25.22 is installed OR kernel-livepatch-4_12_14-25_22-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_6-1-1.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_45-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_12-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information NetworkManager-1.10.6-5.6 is installed OR NetworkManager-branding-upstream-1.10.6-5.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information python-Twisted-17.9.0-3.6 is installed OR python-Twisted-doc-17.9.0-3.6 is installed OR python2-Twisted-17.9.0-3.6 is installed OR python3-Twisted-17.9.0-3.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information libsamba-policy-python-devel-4.9.5+git.343.4bc358522a9-3.38 is installed OR libsamba-policy0-4.9.5+git.343.4bc358522a9-3.38 is installed OR libsamba-policy0-32bit-4.9.5+git.343.4bc358522a9-3.38 is installed OR samba-4.9.5+git.343.4bc358522a9-3.38 is installed OR samba-libs-python-4.9.5+git.343.4bc358522a9-3.38 is installed OR samba-libs-python-32bit-4.9.5+git.343.4bc358522a9-3.38 is installed OR samba-python-4.9.5+git.343.4bc358522a9-3.38 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.8 is installed OR kernel-azure-base-4.12.14-5.8 is installed OR kernel-azure-devel-4.12.14-5.8 is installed OR kernel-devel-azure-4.12.14-5.8 is installed OR kernel-source-azure-4.12.14-5.8 is installed OR kernel-syms-azure-4.12.14-5.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.16 is installed OR kernel-azure-base-4.12.14-8.16 is installed OR kernel-azure-devel-4.12.14-8.16 is installed OR kernel-devel-azure-4.12.14-8.16 is installed OR kernel-source-azure-4.12.14-8.16 is installed OR kernel-syms-azure-4.12.14-8.16 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.14 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.14 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.14 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information salt-2019.2.0-6.27 is installed OR salt-api-2019.2.0-6.27 is installed OR salt-cloud-2019.2.0-6.27 is installed OR salt-fish-completion-2019.2.0-6.27 is installed OR salt-master-2019.2.0-6.27 is installed OR salt-proxy-2019.2.0-6.27 is installed OR salt-ssh-2019.2.0-6.27 is installed OR salt-standalone-formulas-configuration-2019.2.0-6.27 is installed OR salt-syndic-2019.2.0-6.27 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information dpdk-19.11.4-3.9 is installed OR dpdk-devel-19.11.4-3.9 is installed OR dpdk-kmp-default-19.11.4_k5.3.18_24.15-3.9 is installed OR dpdk-thunderx-19.11.4-3.9 is installed OR dpdk-thunderx-devel-19.11.4-3.9 is installed OR dpdk-thunderx-kmp-default-19.11.4_k5.3.18_24.15-3.9 is installed OR dpdk-tools-19.11.4-3.9 is installed OR libdpdk-20_0-19.11.4-3.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs10-10.15.2-1.6 is installed OR nodejs10-devel-10.15.2-1.6 is installed OR nodejs10-docs-10.15.2-1.6 is installed OR npm10-10.15.2-1.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cvs-1.12.12-181 is installed OR cvs-doc-1.12.12-181 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-firmware-20160516git-10.13 is installed OR ucode-amd-20160516git-10.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information xen-4.9.3_03-3.44 is installed OR xen-doc-html-4.9.3_03-3.44 is installed OR xen-libs-4.9.3_03-3.44 is installed OR xen-libs-32bit-4.9.3_03-3.44 is installed OR xen-tools-4.9.3_03-3.44 is installed OR xen-tools-domU-4.9.3_03-3.44 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information wicked-0.6.60-3.21 is installed OR wicked-service-0.6.60-3.21 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND squid-4.11-5.17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information openconnect-7.08-6.3 is installed OR openconnect-devel-7.08-6.3 is installed OR openconnect-lang-7.08-6.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libraw-0.18.9-3.11 is installed OR libraw-devel-0.18.9-3.11 is installed OR libraw16-0.18.9-3.11 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND docker-1.10.3-66 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-glance-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-api-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-doc-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-glare-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-registry-13.0.1~a0~dev6-4.3 is installed OR python-glance-13.0.1~a0~dev6-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-urllib3-1.22-5.6 is installed
BACK