OVAL Reference oval:org.opensuse.security:def:50324

Oval Definition:

oval:org.opensuse.security:def:50324

Revision Date:	2020-12-01	Version:	1
Title:	Security update for fuse (Moderate)
Description:	This update for fuse fixes the following issues: - CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects (bsc#1101797)
Family:	unix	Class:	patch
Status:		Reference(s):	1027519 1065600 1065729 1071995 1074701 1079730 1083548 1085030 1085235 1085308 1087078 1087082 1091045 1094912 1098403 1100369 1100394 1101797 1102640 1105412 1109160 1111025 1111331 1111622 1111666 1112178 1113956 1114837 1118367 1118368 1120067 1120095 1120163 1122208 1128220 1129071 1132663 1132900 1133021 1136446 1137597 1138425 1138464 1140747 1141267 1144059 1144333 1149203 1152148 1153674 1155321 1156205 1156318 1157051 1161168 1163524 1165629 1166965 1169790 1170232 1170667 1170713 1171313 1171688 1171740 1171988 1172073 1172108 1172247 1172418 1172428 1172781 1172782 1172783 1172871 1172872 1172873 1172958 1172963 1173307 1173311 1173485 1173798 1173954 1173983 1174003 1174026 1174070 1174161 1174205 1174387 1174484 1174547 1174549 1174550 1174625 1174628 1174658 1174685 1174689 1174699 1174734 1174757 1174771 1174840 1174841 1174843 1174844 1174845 1174852 1174873 1174887 1174904 1174926 1174968 1175062 1175063 1175064 1175065 1175066 1175067 1175112 1175127 1175128 1175149 1175199 1175213 1175228 1175232 1175284 1175393 1175394 1175396 1175397 1175398 1175399 1175400 1175401 1175402 1175403 1175404 1175405 1175406 1175407 1175408 1175409 1175410 1175411 1175412 1175413 1175414 1175415 1175416 1175417 1175418 1175419 1175420 1175421 1175422 1175423 1175440 1175443 1175493 1175515 1175518 1175526 1175550 1175654 1175666 1175667 1175668 1175669 1175670 1175767 1175768 1175769 1175770 1175771 1175772 1175786 1175873 1176092 1176674 906079 CVE-2017-3136 CVE-2017-6888 CVE-2018-10906 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-16850 CVE-2018-18074 CVE-2018-5741 CVE-2019-10197 CVE-2019-11091 CVE-2019-11236 CVE-2019-11324 CVE-2019-11477 CVE-2019-11478 CVE-2019-11597 CVE-2019-14287 CVE-2019-3846 CVE-2019-6446 CVE-2019-6446 CVE-2019-6477 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-8625 CVE-2019-8674 CVE-2019-8681 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8707 CVE-2019-8710 CVE-2019-8719 CVE-2019-8720 CVE-2019-8726 CVE-2019-8733 CVE-2019-8735 CVE-2019-8743 CVE-2019-8763 CVE-2019-8764 CVE-2019-8765 CVE-2019-8766 CVE-2019-8768 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8821 CVE-2019-8822 CVE-2019-8823 CVE-2019-9740 CVE-2020-10135 CVE-2020-14314 CVE-2020-14331 CVE-2020-14344 CVE-2020-14356 CVE-2020-16166 CVE-2020-1749 CVE-2020-24394 CVE-2020-8616 CVE-2020-8617 CVE-2020-8618 CVE-2020-8619 CVE-2020-8620 CVE-2020-8621 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624 SUSE-SU-2018:3260-1 SUSE-SU-2018:3942-1 SUSE-SU-2019:0418-1 SUSE-SU-2019:0920-1 SUSE-SU-2019:1248-1 SUSE-SU-2019:1487-2 SUSE-SU-2019:1773-1 SUSE-SU-2019:2332-1 SUSE-SU-2019:2462-2 SUSE-SU-2019:2656-1 SUSE-SU-2019:3044-1 SUSE-SU-2020:2541-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for High Performance Computing 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libldb1-3.6.3-0.33.39 is installed OR libldb1-32bit-3.6.3-0.33.39 is installed OR libsmbclient0-3.6.3-0.33.39 is installed OR libsmbclient0-32bit-3.6.3-0.33.39 is installed OR libtalloc1-3.4.3-1.50 is installed OR libtalloc1-32bit-3.4.3-1.50 is installed OR libtalloc2-3.6.3-0.33.39 is installed OR libtalloc2-32bit-3.6.3-0.33.39 is installed OR libtdb1-3.6.3-0.33.39 is installed OR libtdb1-32bit-3.6.3-0.33.39 is installed OR libtevent0-3.6.3-0.33.39 is installed OR libtevent0-32bit-3.6.3-0.33.39 is installed OR libwbclient0-3.6.3-0.33.39 is installed OR libwbclient0-32bit-3.6.3-0.33.39 is installed OR samba-3.6.3-0.33.39 is installed OR samba-32bit-3.6.3-0.33.39 is installed OR samba-client-3.6.3-0.33.39 is installed OR samba-client-32bit-3.6.3-0.33.39 is installed OR samba-doc-3.6.3-0.33.39 is installed OR samba-krb-printing-3.6.3-0.33.39 is installed OR samba-winbind-3.6.3-0.33.39 is installed OR samba-winbind-32bit-3.6.3-0.33.39 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND mutt-1.6.0-54 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information grub2-2.02-2 is installed OR grub2-i386-pc-2.02-2 is installed OR grub2-snapper-plugin-2.02-2 is installed OR grub2-systemd-sleep-plugin-2.02-2 is installed OR grub2-x86_64-efi-2.02-2 is installed OR grub2-x86_64-xen-2.02-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND facter-2.4.6-12.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information postgresql10-10.6-4.8 is installed OR postgresql10-test-10.6-4.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information fuse-2.9.7-3.3 is installed OR fuse-devel-2.9.7-3.3 is installed OR fuse-doc-2.9.7-3.3 is installed OR libfuse2-2.9.7-3.3 is installed OR libulockmgr1-2.9.7-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 is installed AND Package Information python-numpy_1_14_0-gnu-hpc-1.14.0-4.5 is installed OR python2-numpy-gnu-hpc-1.14.0-4.5 is installed OR python2-numpy-gnu-hpc-devel-1.14.0-4.5 is installed OR python2-numpy_1_14_0-gnu-hpc-1.14.0-4.5 is installed OR python2-numpy_1_14_0-gnu-hpc-devel-1.14.0-4.5 is installed OR python3-numpy-gnu-hpc-1.14.0-4.5 is installed OR python3-numpy-gnu-hpc-devel-1.14.0-4.5 is installed OR python3-numpy_1_14_0-gnu-hpc-1.14.0-4.5 is installed OR python3-numpy_1_14_0-gnu-hpc-devel-1.14.0-4.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_16-default-7-2 is installed OR kernel-livepatch-SLE15_Update_4-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information ImageMagick-7.0.7.34-3.64 is installed OR ImageMagick-doc-7.0.7.34-3.64 is installed OR ImageMagick-extra-7.0.7.34-3.64 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information python-requests-test-2.20.1-6.3 is installed OR python2-requests-test-2.20.1-6.3 is installed OR python3-requests-test-2.20.1-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information libX11-1.6.5-3.9 is installed OR libX11-devel-32bit-1.6.5-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.41 is installed OR kernel-azure-base-4.12.14-8.41 is installed OR kernel-azure-devel-4.12.14-8.41 is installed OR kernel-devel-azure-4.12.14-8.41 is installed OR kernel-source-azure-4.12.14-8.41 is installed OR kernel-syms-azure-4.12.14-8.41 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-urllib3-1.24-9.4 is installed OR python2-urllib3-1.24-9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information apache2-2.4.33-3.21 is installed OR apache2-devel-2.4.33-3.21 is installed OR apache2-doc-2.4.33-3.21 is installed OR apache2-prefork-2.4.33-3.21 is installed OR apache2-utils-2.4.33-3.21 is installed OR apache2-worker-2.4.33-3.21 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.49 is installed OR php7-7.2.5-4.49 is installed OR php7-bcmath-7.2.5-4.49 is installed OR php7-bz2-7.2.5-4.49 is installed OR php7-calendar-7.2.5-4.49 is installed OR php7-ctype-7.2.5-4.49 is installed OR php7-curl-7.2.5-4.49 is installed OR php7-dba-7.2.5-4.49 is installed OR php7-devel-7.2.5-4.49 is installed OR php7-dom-7.2.5-4.49 is installed OR php7-enchant-7.2.5-4.49 is installed OR php7-exif-7.2.5-4.49 is installed OR php7-fastcgi-7.2.5-4.49 is installed OR php7-fileinfo-7.2.5-4.49 is installed OR php7-fpm-7.2.5-4.49 is installed OR php7-ftp-7.2.5-4.49 is installed OR php7-gd-7.2.5-4.49 is installed OR php7-gettext-7.2.5-4.49 is installed OR php7-gmp-7.2.5-4.49 is installed OR php7-iconv-7.2.5-4.49 is installed OR php7-intl-7.2.5-4.49 is installed OR php7-json-7.2.5-4.49 is installed OR php7-ldap-7.2.5-4.49 is installed OR php7-mbstring-7.2.5-4.49 is installed OR php7-mysql-7.2.5-4.49 is installed OR php7-odbc-7.2.5-4.49 is installed OR php7-opcache-7.2.5-4.49 is installed OR php7-openssl-7.2.5-4.49 is installed OR php7-pcntl-7.2.5-4.49 is installed OR php7-pdo-7.2.5-4.49 is installed OR php7-pear-7.2.5-4.49 is installed OR php7-pear-Archive_Tar-7.2.5-4.49 is installed OR php7-pgsql-7.2.5-4.49 is installed OR php7-phar-7.2.5-4.49 is installed OR php7-posix-7.2.5-4.49 is installed OR php7-shmop-7.2.5-4.49 is installed OR php7-snmp-7.2.5-4.49 is installed OR php7-soap-7.2.5-4.49 is installed OR php7-sockets-7.2.5-4.49 is installed OR php7-sodium-7.2.5-4.49 is installed OR php7-sqlite-7.2.5-4.49 is installed OR php7-sysvmsg-7.2.5-4.49 is installed OR php7-sysvsem-7.2.5-4.49 is installed OR php7-sysvshm-7.2.5-4.49 is installed OR php7-tokenizer-7.2.5-4.49 is installed OR php7-wddx-7.2.5-4.49 is installed OR php7-xmlreader-7.2.5-4.49 is installed OR php7-xmlrpc-7.2.5-4.49 is installed OR php7-xmlwriter-7.2.5-4.49 is installed OR php7-xsl-7.2.5-4.49 is installed OR php7-zip-7.2.5-4.49 is installed OR php7-zlib-7.2.5-4.49 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs8-8.17.0-3.38 is installed OR nodejs8-devel-8.17.0-3.38 is installed OR nodejs8-docs-8.17.0-3.38 is installed OR npm8-8.17.0-3.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gnutls-3.2.15-11 is installed OR libgnutls-openssl27-3.2.15-11 is installed OR libgnutls28-3.2.15-11 is installed OR libgnutls28-32bit-3.2.15-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-10 is installed OR libcolord2-32bit-1.3.3-10 is installed OR libcolorhug2-1.3.3-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-1.7.5-20.20 is installed OR cups-client-1.7.5-20.20 is installed OR cups-libs-1.7.5-20.20 is installed OR cups-libs-32bit-1.7.5-20.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libruby2_5-2_5-2.5.7-4.8 is installed OR ruby2.5-2.5.7-4.8 is installed OR ruby2.5-devel-2.5.7-4.8 is installed OR ruby2.5-devel-extra-2.5.7-4.8 is installed OR ruby2.5-stdlib-2.5.7-4.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libssh2-1-1.8.0-4.10 is installed OR libssh2-1-32bit-1.8.0-4.10 is installed OR libssh2-devel-1.8.0-4.10 is installed OR libssh2_org-1.8.0-4.10 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.11.0-3.91 is installed OR MozillaThunderbird-translations-common-68.11.0-3.91 is installed OR MozillaThunderbird-translations-other-68.11.0-3.91 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information MozillaFirefox-52.3.0esr-109.3 is installed OR MozillaFirefox-devel-52.3.0esr-109.3 is installed OR MozillaFirefox-translations-52.3.0esr-109.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed

BACK