Oval Definition:oval:org.opensuse.security:def:50331
Revision Date:2020-12-01Version:1
Title:Security update for wpa_supplicant (Moderate)
Description:

This update for wpa_supplicant provides the following fixes:

This security issues was fixe:

- CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the vulnerability to recover sensitive information (bsc#1104205)

These non-security issues were fixed:

- Fix reading private key passwords from the configuration file. (bsc#1099835) - Enable PWD as EAP method. This allows for password-based authentication, which is easier to setup than most of the other methods, and is used by the Eduroam network. (bsc#1109209) - compile eapol_test binary to allow testing via radius proxy and server (note: this does not match CONFIG_EAPOL_TEST which sets -Werror and activates an assert call inside the code of wpa_supplicant) (bsc#1111873), (fate#326725) - Enabled timestamps in log file when being invoked by systemd service file (bsc#1080798). - Fixes the default file permissions of the debug log file to more sane values, i.e. it is no longer world-readable (bsc#1098854). - Open the debug log file with O_CLOEXEC, which will prevent file descriptor leaking to child processes (bsc#1098854).
Family:unixClass:patch
Status:Reference(s):1080798
1098854
1099358
1099835
1101888
1101889
1104205
1109209
1111873
1123304
1124781
1125601
1129124
1130245
1134452
1134697
1136440
1137815
1139083
1140747
1142988
1144363
1150137
1151178
1151488
1154092
1155075
1155217
1160460
1164390
1167070
1169473
1169851
1170595
1173786
1174091
1177351
1177352
CVE-2018-14394
CVE-2018-14395
CVE-2018-14526
CVE-2018-20340
CVE-2019-0816
CVE-2019-11478
CVE-2019-12435
CVE-2019-12900
CVE-2019-16168
CVE-2019-16239
CVE-2019-18466
CVE-2019-20907
CVE-2019-3691
CVE-2019-6438
CVE-2020-10704
CVE-2020-11651
CVE-2020-11652
CVE-2020-7069
CVE-2020-7070
SUSE-SU-2018:3480-1
SUSE-SU-2019:0960-1
SUSE-SU-2019:1299-1
SUSE-SU-2019:1340-1
SUSE-SU-2019:1574-1
SUSE-SU-2019:1846-1
SUSE-SU-2019:1888-1
SUSE-SU-2019:2533-1
SUSE-SU-2019:2737-1
SUSE-SU-2019:3097-1
SUSE-SU-2019:3190-1
SUSE-SU-2020:0697-1
SUSE-SU-2020:1133-1
SUSE-SU-2020:1150-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • finch-2.6.6-0.19 is installed
  • OR libpurple-2.6.6-0.19 is installed
  • OR libpurple-lang-2.6.6-0.19 is installed
  • OR libpurple-meanwhile-2.6.6-0.19 is installed
  • OR libpurple-tcl-2.6.6-0.19 is installed
  • OR pidgin-2.6.6-0.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • dbus-1-1.2.10-3.31 is installed
  • OR dbus-1-32bit-1.2.10-3.31 is installed
  • OR dbus-1-x11-1.2.10-3.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • colord-1.1.7-2 is installed
  • OR colord-gtk-lang-0.1.25-3 is installed
  • OR colord-lang-1.1.7-2 is installed
  • OR libcolord-gtk1-0.1.25-3 is installed
  • OR libcolord2-1.1.7-2 is installed
  • OR libcolord2-32bit-1.1.7-2 is installed
  • OR libcolorhug2-1.1.7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND cvs-1.12.12-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gdk-pixbuf-loader-rsvg-2.40.15-4 is installed
  • OR librsvg-2-2-2.40.15-4 is installed
  • OR librsvg-2-2-32bit-2.40.15-4 is installed
  • OR rsvg-view-2.40.15-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • fuse-2.9.3-6.3 is installed
  • OR libfuse2-2.9.3-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.17 is installed
  • OR libavdevice57-3.4.2-4.17 is installed
  • OR libavfilter6-3.4.2-4.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND wpa_supplicant-2.6-4.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed
  • AND Package Information
  • libmunge2-0.5.13-4.3 is installed
  • OR munge-0.5.13-4.3 is installed
  • OR munge-devel-0.5.13-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_22-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_11-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • bzip2-1.0.6-5.6 is installed
  • OR bzip2-doc-1.0.6-5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ctdb-pcp-pmda-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR ctdb-tests-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR libdcerpc-samr0-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR libsamba-policy-python-devel-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR libsamba-policy0-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR libsamba-policy0-python3-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR libsmbclient0-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-ad-dc-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-ceph-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-client-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-doc-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-libs-python-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-libs-python3-32bit-4.9.5+git.176.375e1f05788-3.6 is installed
  • OR samba-test-4.9.5+git.176.375e1f05788-3.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • libpython2_7-1_0-32bit-2.7.17-7.41 is installed
  • OR python-2.7.17-7.41 is installed
  • OR python-32bit-2.7.17-7.41 is installed
  • OR python-base-2.7.17-7.41 is installed
  • OR python-base-32bit-2.7.17-7.41 is installed
  • OR python-demo-2.7.17-7.41 is installed
  • OR python-doc-2.7.17-7.41 is installed
  • OR python-doc-pdf-2.7.17-7.41 is installed
  • OR python-idle-2.7.17-7.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • cni-0.7.1-3.3 is installed
  • OR cni-plugins-0.8.4-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • libsamba-policy0-4.9.5+git.317.6d82fb3918b-3.35 is installed
  • OR samba-4.9.5+git.317.6d82fb3918b-3.35 is installed
  • OR samba-ad-dc-4.9.5+git.317.6d82fb3918b-3.35 is installed
  • OR samba-dsdb-modules-4.9.5+git.317.6d82fb3918b-3.35 is installed
  • OR samba-libs-python-4.9.5+git.317.6d82fb3918b-3.35 is installed
  • OR samba-python-4.9.5+git.317.6d82fb3918b-3.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • libecpg6-10.10-8.6 is installed
  • OR postgresql10-10.10-8.6 is installed
  • OR postgresql10-contrib-10.10-8.6 is installed
  • OR postgresql10-devel-10.10-8.6 is installed
  • OR postgresql10-docs-10.10-8.6 is installed
  • OR postgresql10-plperl-10.10-8.6 is installed
  • OR postgresql10-plpython-10.10-8.6 is installed
  • OR postgresql10-pltcl-10.10-8.6 is installed
  • OR postgresql10-server-10.10-8.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • apache2-mod_php7-7.2.5-4.35 is installed
  • OR php7-7.2.5-4.35 is installed
  • OR php7-bcmath-7.2.5-4.35 is installed
  • OR php7-bz2-7.2.5-4.35 is installed
  • OR php7-calendar-7.2.5-4.35 is installed
  • OR php7-ctype-7.2.5-4.35 is installed
  • OR php7-curl-7.2.5-4.35 is installed
  • OR php7-dba-7.2.5-4.35 is installed
  • OR php7-devel-7.2.5-4.35 is installed
  • OR php7-dom-7.2.5-4.35 is installed
  • OR php7-enchant-7.2.5-4.35 is installed
  • OR php7-exif-7.2.5-4.35 is installed
  • OR php7-fastcgi-7.2.5-4.35 is installed
  • OR php7-fileinfo-7.2.5-4.35 is installed
  • OR php7-fpm-7.2.5-4.35 is installed
  • OR php7-ftp-7.2.5-4.35 is installed
  • OR php7-gd-7.2.5-4.35 is installed
  • OR php7-gettext-7.2.5-4.35 is installed
  • OR php7-gmp-7.2.5-4.35 is installed
  • OR php7-iconv-7.2.5-4.35 is installed
  • OR php7-intl-7.2.5-4.35 is installed
  • OR php7-json-7.2.5-4.35 is installed
  • OR php7-ldap-7.2.5-4.35 is installed
  • OR php7-mbstring-7.2.5-4.35 is installed
  • OR php7-mysql-7.2.5-4.35 is installed
  • OR php7-odbc-7.2.5-4.35 is installed
  • OR php7-opcache-7.2.5-4.35 is installed
  • OR php7-openssl-7.2.5-4.35 is installed
  • OR php7-pcntl-7.2.5-4.35 is installed
  • OR php7-pdo-7.2.5-4.35 is installed
  • OR php7-pear-7.2.5-4.35 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.35 is installed
  • OR php7-pgsql-7.2.5-4.35 is installed
  • OR php7-phar-7.2.5-4.35 is installed
  • OR php7-posix-7.2.5-4.35 is installed
  • OR php7-shmop-7.2.5-4.35 is installed
  • OR php7-snmp-7.2.5-4.35 is installed
  • OR php7-soap-7.2.5-4.35 is installed
  • OR php7-sockets-7.2.5-4.35 is installed
  • OR php7-sqlite-7.2.5-4.35 is installed
  • OR php7-sysvmsg-7.2.5-4.35 is installed
  • OR php7-sysvsem-7.2.5-4.35 is installed
  • OR php7-sysvshm-7.2.5-4.35 is installed
  • OR php7-tokenizer-7.2.5-4.35 is installed
  • OR php7-wddx-7.2.5-4.35 is installed
  • OR php7-xmlreader-7.2.5-4.35 is installed
  • OR php7-xmlrpc-7.2.5-4.35 is installed
  • OR php7-xmlwriter-7.2.5-4.35 is installed
  • OR php7-xsl-7.2.5-4.35 is installed
  • OR php7-zip-7.2.5-4.35 is installed
  • OR php7-zlib-7.2.5-4.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND gzip-1.6-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_45-default-2-2 is installed
  • OR kgraft-patch-3_12_74-60_64_45-xen-2-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_16-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ctags-5.8-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libdcerpc-binding0-4.4.2-38.20 is installed
  • OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed
  • OR libdcerpc0-4.4.2-38.20 is installed
  • OR libdcerpc0-32bit-4.4.2-38.20 is installed
  • OR libndr-krb5pac0-4.4.2-38.20 is installed
  • OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed
  • OR libndr-nbt0-4.4.2-38.20 is installed
  • OR libndr-nbt0-32bit-4.4.2-38.20 is installed
  • OR libndr-standard0-4.4.2-38.20 is installed
  • OR libndr-standard0-32bit-4.4.2-38.20 is installed
  • OR libndr0-4.4.2-38.20 is installed
  • OR libndr0-32bit-4.4.2-38.20 is installed
  • OR libnetapi0-4.4.2-38.20 is installed
  • OR libnetapi0-32bit-4.4.2-38.20 is installed
  • OR libsamba-credentials0-4.4.2-38.20 is installed
  • OR libsamba-credentials0-32bit-4.4.2-38.20 is installed
  • OR libsamba-errors0-4.4.2-38.20 is installed
  • OR libsamba-errors0-32bit-4.4.2-38.20 is installed
  • OR libsamba-hostconfig0-4.4.2-38.20 is installed
  • OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed
  • OR libsamba-passdb0-4.4.2-38.20 is installed
  • OR libsamba-passdb0-32bit-4.4.2-38.20 is installed
  • OR libsamba-util0-4.4.2-38.20 is installed
  • OR libsamba-util0-32bit-4.4.2-38.20 is installed
  • OR libsamdb0-4.4.2-38.20 is installed
  • OR libsamdb0-32bit-4.4.2-38.20 is installed
  • OR libsmbclient0-4.4.2-38.20 is installed
  • OR libsmbclient0-32bit-4.4.2-38.20 is installed
  • OR libsmbconf0-4.4.2-38.20 is installed
  • OR libsmbconf0-32bit-4.4.2-38.20 is installed
  • OR libsmbldap0-4.4.2-38.20 is installed
  • OR libsmbldap0-32bit-4.4.2-38.20 is installed
  • OR libtevent-util0-4.4.2-38.20 is installed
  • OR libtevent-util0-32bit-4.4.2-38.20 is installed
  • OR libwbclient0-4.4.2-38.20 is installed
  • OR libwbclient0-32bit-4.4.2-38.20 is installed
  • OR samba-4.4.2-38.20 is installed
  • OR samba-client-4.4.2-38.20 is installed
  • OR samba-client-32bit-4.4.2-38.20 is installed
  • OR samba-doc-4.4.2-38.20 is installed
  • OR samba-libs-4.4.2-38.20 is installed
  • OR samba-libs-32bit-4.4.2-38.20 is installed
  • OR samba-winbind-4.4.2-38.20 is installed
  • OR samba-winbind-32bit-4.4.2-38.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • MozillaFirefox-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-translations-52.8.1esr-109.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-default-kgraft-4.4.180-94.107 is installed
  • OR kernel-default-man-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
  • OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • bluez-5.13-5.7 is installed
  • OR libbluetooth3-5.13-5.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • cups-2.2.7-3.17 is installed
  • OR cups-client-2.2.7-3.17 is installed
  • OR cups-config-2.2.7-3.17 is installed
  • OR cups-ddk-2.2.7-3.17 is installed
  • OR cups-devel-2.2.7-3.17 is installed
  • OR libcups2-2.2.7-3.17 is installed
  • OR libcups2-32bit-2.2.7-3.17 is installed
  • OR libcupscgi1-2.2.7-3.17 is installed
  • OR libcupsimage2-2.2.7-3.17 is installed
  • OR libcupsmime1-2.2.7-3.17 is installed
  • OR libcupsppdc1-2.2.7-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • gimp-2.8.22-5.3 is installed
  • OR gimp-devel-2.8.22-5.3 is installed
  • OR gimp-lang-2.8.22-5.3 is installed
  • OR gimp-plugins-python-2.8.22-5.3 is installed
  • OR libgimp-2_0-0-2.8.22-5.3 is installed
  • OR libgimpui-2_0-0-2.8.22-5.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND wpa_supplicant-2.2-15.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND python-pycrypto-2.6.1-10.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
    • BACK