Oval Definition:	oval:org.opensuse.security:def:50302
Revision Date: 2020-12-01 Version: 1 Title: Security update for spice-gtk (Important) Description: This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling (bsc#1104448) - CVE-2018-10893: Avoid buffer overflow on image lz checks (bsc#1101295) Other bugs fixed: - Add setuid bit to spice-client-glib-usb-acl-helper (bsc#1101420) Family: unix Class: patch Status: Reference(s): 1051510 1055117 1065729 1071995 1081947 1082293 1083647 1083710 1085030 1085196 1101295 1101420 1103098 1103991 1104448 1106214 1106279 1107424 1111666 1112178 1113956 1114279 1114674 1114675 1114681 1114686 1119222 1121197 1122292 1122299 1122319 1122417 1123080 1125886 1127034 1127315 1129403 1129770 1132160 1133021 1134097 1134390 1134399 1135335 1135534 1135642 1135708 1137458 1137534 1137535 1137584 1137609 1137827 1139358 1140133 1140139 1140322 1140652 1140887 1140888 1140889 1140891 1140893 1140903 1140945 1140948 1140954 1140955 1140956 1140957 1140958 1140959 1140960 1140961 1140962 1140964 1140971 1140972 1140992 1141401 1141402 1141452 1141453 1141454 1141478 1141780 1141782 1141783 1141785 1141787 1141789 1142023 1142112 1142220 1142221 1142265 1142350 1142351 1142354 1142359 1142450 1142701 1142868 1143003 1143105 1143185 1143189 1143191 1143507 1144333 1147021 1148868 1150660 1151927 1152624 1158983 1159058 1161016 1162002 1162063 1163309 1165631 1166985 1167104 1168081 1168959 1169194 1169514 1169771 1169795 1170011 1170442 1170592 1170617 1170618 1171124 1171424 1171529 1171530 1171558 1171732 1171739 1171743 1171753 1171759 1171835 1171841 1171868 1171904 1172247 1172257 1172344 1172410 1172458 1172484 1172537 1172538 1172687 1172719 1172759 1172775 1172781 1172782 1172783 1172871 1172872 1172999 1173060 1173074 1173146 1173265 1173280 1173284 1173428 1173514 1173567 1173573 1173746 1173818 1173820 1173825 1173826 1173833 1173838 1173839 1173845 1173857 1173948 1174113 1174115 1174122 1174123 1174186 1174187 1174296 1174343 1174356 1174409 1174438 1174462 1174543 1176179 1177582 353876 CVE-2018-1000656 CVE-2018-10873 CVE-2018-10893 CVE-2018-11212 CVE-2018-16548 CVE-2018-18311 CVE-2018-18312 CVE-2018-18313 CVE-2018-18314 CVE-2018-20855 CVE-2018-5391 CVE-2019-11068 CVE-2019-1125 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-20810 CVE-2019-20908 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-4473 CVE-2019-6116 CVE-2019-7317 CVE-2020-0305 CVE-2020-10749 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10769 CVE-2020-10773 CVE-2020-10781 CVE-2020-12771 CVE-2020-12888 CVE-2020-13943 CVE-2020-13974 CVE-2020-14416 CVE-2020-15393 CVE-2020-15780 CVE-2020-1749 CVE-2020-24977 SUSE-SU-2018:2709-1 SUSE-SU-2018:3881-1 SUSE-SU-2018:4187-1 SUSE-SU-2019:0145-1 SUSE-SU-2019:0657-1 SUSE-SU-2019:1221-2 SUSE-SU-2019:2068-1 SUSE-SU-2019:2291-1 SUSE-SU-2019:2392-1 SUSE-SU-2019:2750-1 SUSE-SU-2020:0891-1 SUSE-SU-2020:1957-1 SUSE-SU-2020:2103-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.9-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.7 is installed OR MozillaFirefox-translations-10.0.9-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.6.0esr-0.8 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.6.0esr-0.8 is installed OR libfreebl3-3.16.1-0.8 is installed OR libfreebl3-32bit-3.16.1-0.8 is installed OR libsoftokn3-3.16.1-0.8 is installed OR libsoftokn3-32bit-3.16.1-0.8 is installed OR mozilla-nspr-4.10.6-0.3 is installed OR mozilla-nspr-32bit-4.10.6-0.3 is installed OR mozilla-nss-3.16.1-0.8 is installed OR mozilla-nss-32bit-3.16.1-0.8 is installed OR mozilla-nss-tools-3.16.1-0.8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information colord-1.1.7-2 is installed OR colord-gtk-lang-0.1.25-3 is installed OR colord-lang-1.1.7-2 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-2 is installed OR libcolord2-32bit-1.1.7-2 is installed OR libcolorhug2-1.1.7-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND cvs-1.12.12-181 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information finch-2.12.0-1 is installed OR libpurple-2.12.0-1 is installed OR libpurple-branding-upstream-2.12.0-1 is installed OR libpurple-lang-2.12.0-1 is installed OR libpurple-plugin-sametime-2.12.0-1 is installed OR libpurple-tcl-2.12.0-1 is installed OR pidgin-2.12.0-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libspice-client-glib-2_0-8-0.34-3.3 is installed OR libspice-client-glib-helper-0.34-3.3 is installed OR libspice-client-gtk-3_0-5-0.34-3.3 is installed OR libspice-controller0-0.34-3.3 is installed OR spice-gtk-0.34-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-6-2 is installed OR kernel-livepatch-SLE15_Update_1-6-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_34-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_9-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information ghostscript-mini-9.26a-3.12 is installed OR ghostscript-mini-devel-9.26a-3.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libxslt-1.1.32-3.3 is installed OR libxslt-devel-32bit-1.1.32-3.3 is installed OR libxslt-python-1.1.32-3.3 is installed OR libxslt1-32bit-1.1.32-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information MozillaFirefox-78.0.2-3.97 is installed OR MozillaFirefox-branding-upstream-78.0.2-3.97 is installed OR MozillaFirefox-buildsymbols-78.0.2-3.97 is installed OR MozillaFirefox-devel-78.0.2-3.97 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.38 is installed OR kernel-azure-base-4.12.14-5.38 is installed OR kernel-azure-devel-4.12.14-5.38 is installed OR kernel-devel-azure-4.12.14-5.38 is installed OR kernel-source-azure-4.12.14-5.38 is installed OR kernel-syms-azure-4.12.14-5.38 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND cni-plugins-0.8.6-3.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed AND Package Information kernel-azure-5.3.18-18.21 is installed OR kernel-azure-devel-5.3.18-18.21 is installed OR kernel-devel-azure-5.3.18-18.21 is installed OR kernel-source-azure-5.3.18-18.21 is installed OR kernel-syms-azure-5.3.18-18.21 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information dovecot23-2.3.3-4.10 is installed OR dovecot23-backend-mysql-2.3.3-4.10 is installed OR dovecot23-backend-pgsql-2.3.3-4.10 is installed OR dovecot23-backend-sqlite-2.3.3-4.10 is installed OR dovecot23-devel-2.3.3-4.10 is installed OR dovecot23-fts-2.3.3-4.10 is installed OR dovecot23-fts-lucene-2.3.3-4.10 is installed OR dovecot23-fts-solr-2.3.3-4.10 is installed OR dovecot23-fts-squat-2.3.3-4.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information sysstat-12.0.2-3.21 is installed OR sysstat-isag-12.0.2-3.21 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.3 is installed OR php7-7.2.5-4.3 is installed OR php7-bcmath-7.2.5-4.3 is installed OR php7-bz2-7.2.5-4.3 is installed OR php7-calendar-7.2.5-4.3 is installed OR php7-ctype-7.2.5-4.3 is installed OR php7-curl-7.2.5-4.3 is installed OR php7-dba-7.2.5-4.3 is installed OR php7-devel-7.2.5-4.3 is installed OR php7-dom-7.2.5-4.3 is installed OR php7-enchant-7.2.5-4.3 is installed OR php7-exif-7.2.5-4.3 is installed OR php7-fastcgi-7.2.5-4.3 is installed OR php7-fileinfo-7.2.5-4.3 is installed OR php7-fpm-7.2.5-4.3 is installed OR php7-ftp-7.2.5-4.3 is installed OR php7-gd-7.2.5-4.3 is installed OR php7-gettext-7.2.5-4.3 is installed OR php7-gmp-7.2.5-4.3 is installed OR php7-iconv-7.2.5-4.3 is installed OR php7-intl-7.2.5-4.3 is installed OR php7-json-7.2.5-4.3 is installed OR php7-ldap-7.2.5-4.3 is installed OR php7-mbstring-7.2.5-4.3 is installed OR php7-mysql-7.2.5-4.3 is installed OR php7-odbc-7.2.5-4.3 is installed OR php7-opcache-7.2.5-4.3 is installed OR php7-openssl-7.2.5-4.3 is installed OR php7-pcntl-7.2.5-4.3 is installed OR php7-pdo-7.2.5-4.3 is installed OR php7-pear-7.2.5-4.3 is installed OR php7-pear-Archive_Tar-7.2.5-4.3 is installed OR php7-pgsql-7.2.5-4.3 is installed OR php7-phar-7.2.5-4.3 is installed OR php7-posix-7.2.5-4.3 is installed OR php7-shmop-7.2.5-4.3 is installed OR php7-snmp-7.2.5-4.3 is installed OR php7-soap-7.2.5-4.3 is installed OR php7-sockets-7.2.5-4.3 is installed OR php7-sqlite-7.2.5-4.3 is installed OR php7-sysvmsg-7.2.5-4.3 is installed OR php7-sysvsem-7.2.5-4.3 is installed OR php7-sysvshm-7.2.5-4.3 is installed OR php7-tokenizer-7.2.5-4.3 is installed OR php7-wddx-7.2.5-4.3 is installed OR php7-xmlreader-7.2.5-4.3 is installed OR php7-xmlrpc-7.2.5-4.3 is installed OR php7-xmlwriter-7.2.5-4.3 is installed OR php7-xsl-7.2.5-4.3 is installed OR php7-zip-7.2.5-4.3 is installed OR php7-zlib-7.2.5-4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND jakarta-commons-fileupload-1.1.1-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information dracut-037-66 is installed OR dracut-fips-037-66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_85-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_85-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_26-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libmysqlclient18-10.0.35-29.20 is installed OR libmysqlclient18-32bit-10.0.35-29.20 is installed OR mariadb-10.0.35-29.20 is installed OR mariadb-client-10.0.35-29.20 is installed OR mariadb-errormessages-10.0.35-29.20 is installed OR mariadb-tools-10.0.35-29.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_64-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR apache2-mod_nss-1.0.14-19.6 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libfreebl3-hmac-3.36.4-58.15 is installed OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR libsoftokn3-hmac-3.36.4-58.15 is installed OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND permissions-20180125-3.30 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libvirt-4.0.0-9.32 is installed OR libvirt-admin-4.0.0-9.32 is installed OR libvirt-client-4.0.0-9.32 is installed OR libvirt-daemon-4.0.0-9.32 is installed OR libvirt-daemon-config-network-4.0.0-9.32 is installed OR libvirt-daemon-config-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-interface-4.0.0-9.32 is installed OR libvirt-daemon-driver-libxl-4.0.0-9.32 is installed OR libvirt-daemon-driver-lxc-4.0.0-9.32 is installed OR libvirt-daemon-driver-network-4.0.0-9.32 is installed OR libvirt-daemon-driver-nodedev-4.0.0-9.32 is installed OR libvirt-daemon-driver-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-qemu-4.0.0-9.32 is installed OR libvirt-daemon-driver-secret-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-core-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-disk-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-iscsi-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-logical-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-mpath-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-rbd-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-scsi-4.0.0-9.32 is installed OR libvirt-daemon-hooks-4.0.0-9.32 is installed OR libvirt-daemon-lxc-4.0.0-9.32 is installed OR libvirt-daemon-qemu-4.0.0-9.32 is installed OR libvirt-daemon-xen-4.0.0-9.32 is installed OR libvirt-devel-4.0.0-9.32 is installed OR libvirt-doc-4.0.0-9.32 is installed OR libvirt-libs-4.0.0-9.32 is installed OR libvirt-lock-sanlock-4.0.0-9.32 is installed OR libvirt-nss-4.0.0-9.32 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.29 is installed OR kernel-default-extra-4.12.14-197.29 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libopencv3_3-3.3.1-6.6 is installed OR opencv-3.3.1-6.6 is installed OR opencv-devel-3.3.1-6.6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information xen-4.5.5_12-22.18 is installed OR xen-doc-html-4.5.5_12-22.18 is installed OR xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18 is installed OR xen-libs-4.5.5_12-22.18 is installed OR xen-libs-32bit-4.5.5_12-22.18 is installed OR xen-tools-4.5.5_12-22.18 is installed OR xen-tools-domU-4.5.5_12-22.18 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-magnum-3.1.2~a0~dev20-9 is installed OR openstack-magnum-api-3.1.2~a0~dev20-9 is installed OR openstack-magnum-conductor-3.1.2~a0~dev20-9 is installed OR openstack-magnum-doc-3.1.2~a0~dev20-9 is installed OR python-magnum-3.1.2~a0~dev20-9 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
BACK