Oval Definition:oval:org.opensuse.security:def:50379
Revision Date:2020-12-01Version:1
Title:Security update for openssh (Important)
Description:

This update for openssh fixes the following issues:

Security issues fixed:

- CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions (bsc#1121571) - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate terminal output via the object name, e.g. by inserting ANSI escape sequences (bsc#1121816) - CVE-2019-6110: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate stderr output, e.g. by inserting ANSI escape sequences (bsc#1121818) - CVE-2019-6111: Fixed an issue where the scp client would allow malicious remote SSH servers to execute directory traversal attacks and overwrite files (bsc#1121821)
Family:unixClass:patch
Status:Reference(s):1027519
1046305
1046306
1050252
1050549
1051510
1054610
1055121
1055857
1056658
1056662
1056787
1059893
1060463
1061210
1063638
1065600
1070995
1071995
1078355
1082943
1083291
1083548
1083647
1084216
1084929
1086095
1086282
1086301
1086313
1086314
1086323
1087082
1087092
1088133
1091107
1091695
1094555
1094725
1094898
1094913
1096223
1096328
1098382
1098425
1098995
1099874
1103276
1103429
1104353
1105173
1106105
1106434
1106811
1107078
1107665
1108101
1108606
1108870
1108889
1109695
1110096
1110705
1111666
1113042
1113712
1113722
1113939
1114279
1114585
1115717
1117108
1117155
1117645
1118087
1118338
1118595
1118596
1119019
1119086
1119766
1119843
1120008
1120318
1120601
1120639
1120653
1120654
1120758
1120854
1120902
1120909
1120943
1120955
1121317
1121571
1121626
1121726
1121789
1121805
1121816
1121818
1121821
1122019
1122192
1122324
1122554
1122662
1122764
1122779
1122822
1122885
1122927
1122944
1122971
1122982
1123060
1123061
1123161
1123317
1123348
1123357
1123456
1123538
1123697
1123882
1123933
1124055
1124204
1124235
1124341
1124342
1124579
1124589
1124728
1124732
1124735
1124969
1124974
1124975
1124976
1124978
1124979
1124980
1124981
1124982
1124984
1124985
1125109
1125113
1125125
1125252
1125315
1125614
1125728
1125780
1125797
1125799
1125800
1125907
1125947
1126131
1126209
1126389
1126393
1126476
1126480
1126481
1126488
1126495
1126555
1126579
1126789
1126790
1126802
1126803
1126804
1126805
1126806
1126807
1127042
1127062
1127082
1127154
1127285
1127286
1127307
1127363
1127493
1127494
1127495
1127496
1127497
1127498
1127534
1127561
1127567
1127595
1127603
1127682
1127731
1127750
1127836
1127961
1128094
1128166
1128351
1128451
1128895
1129046
1129080
1129163
1129179
1129181
1129182
1129183
1129184
1129205
1129281
1129284
1129285
1129291
1129292
1129293
1129294
1129295
1129296
1129326
1129327
1129330
1129363
1129366
1129497
1129519
1129543
1129547
1129551
1129581
1129625
1129664
1129739
1129923
1134856
1135350
1139083
1141853
1144522
1148742
1152684
1155079
1160770
1160968
1171475
1171847
1172105
1172116
1172121
1173257
824948
CVE-2016-6328
CVE-2017-18594
CVE-2017-7544
CVE-2018-1000877
CVE-2018-1000878
CVE-2018-11806
CVE-2018-15173
CVE-2018-15518
CVE-2018-16868
CVE-2018-17000
CVE-2018-19210
CVE-2018-19873
CVE-2018-20030
CVE-2018-20669
CVE-2018-20685
CVE-2018-20852
CVE-2018-3639
CVE-2018-3646
CVE-2018-7550
CVE-2019-1000019
CVE-2019-1000020
CVE-2019-12900
CVE-2019-18408
CVE-2019-2024
CVE-2019-3459
CVE-2019-3460
CVE-2019-3819
CVE-2019-6109
CVE-2019-6110
CVE-2019-6111
CVE-2019-6128
CVE-2019-6974
CVE-2019-7221
CVE-2019-7222
CVE-2019-7308
CVE-2019-7663
CVE-2019-8912
CVE-2019-8980
CVE-2019-9213
CVE-2019-9278
CVE-2019-9853
CVE-2020-0093
CVE-2020-12767
CVE-2020-13112
CVE-2020-13113
CVE-2020-13114
CVE-2020-14019
CVE-2020-2583
CVE-2020-2590
CVE-2020-2593
CVE-2020-2601
CVE-2020-2604
CVE-2020-2654
CVE-2020-2659
SUSE-SU-2018:2340-1
SUSE-SU-2018:2409-1
SUSE-SU-2019:0126-1
SUSE-SU-2019:0447-1
SUSE-SU-2019:0784-1
SUSE-SU-2019:0786-1
SUSE-SU-2019:1351-2
SUSE-SU-2019:2004-1
SUSE-SU-2019:2114-1
SUSE-SU-2019:2425-1
SUSE-SU-2019:3093-1
SUSE-SU-2020:0231-1
SUSE-SU-2020:1553-2
SUSE-SU-2020:2109-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libfreebl3-3.15.3.1-0.4.2 is installed
  • OR libfreebl3-32bit-3.15.3.1-0.4.2 is installed
  • OR mozilla-nss-3.15.3.1-0.4.2 is installed
  • OR mozilla-nss-32bit-3.15.3.1-0.4.2 is installed
  • OR mozilla-nss-tools-3.15.3.1-0.4.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • gnutls-2.4.1-24.39.60 is installed
  • OR libgnutls26-2.4.1-24.39.60 is installed
  • OR libgnutls26-32bit-2.4.1-24.39.60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-3 is installed
  • OR cups-pk-helper-lang-0.2.5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • curl-7.37.0-15 is installed
  • OR libcurl4-7.37.0-15 is installed
  • OR libcurl4-32bit-7.37.0-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • ecryptfs-utils-103-7 is installed
  • OR ecryptfs-utils-32bit-103-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • cracklib-2.9.0-7 is installed
  • OR libcrack2-2.9.0-7 is installed
  • OR libcrack2-32bit-2.9.0-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND autofs-5.0.9-28.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • libexif-0.6.22-5.6 is installed
  • OR libexif12-32bit-0.6.22-5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND Package Information
  • openssh-7.6p1-9.13 is installed
  • OR openssh-helpers-7.6p1-9.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.242-3.30 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.242-3.30 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.242-3.30 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.242-3.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.14 is installed
  • OR kernel-default-livepatch-4.12.14-150.14 is installed
  • OR kernel-livepatch-4_12_14-150_14-default-1-1.9 is installed
  • OR kernel-livepatch-SLE15_Update_9-1-1.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • ncat-7.70-3.12 is installed
  • OR ndiff-7.70-3.12 is installed
  • OR nmap-7.70-3.12 is installed
  • OR nping-7.70-3.12 is installed
  • OR zenmap-7.70-3.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • gnutls-3.6.7-6.11 is installed
  • OR gnutls-guile-3.6.7-6.11 is installed
  • OR libgnutls-devel-32bit-3.6.7-6.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND clamav-database-202010050011-3.363 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed
  • AND Package Information
  • python-rtslib-fb-2.1.73-3.3 is installed
  • OR python2-rtslib-fb-2.1.73-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • qemu-2.11.2-9.4 is installed
  • OR qemu-arm-2.11.2-9.4 is installed
  • OR qemu-block-curl-2.11.2-9.4 is installed
  • OR qemu-block-iscsi-2.11.2-9.4 is installed
  • OR qemu-block-rbd-2.11.2-9.4 is installed
  • OR qemu-block-ssh-2.11.2-9.4 is installed
  • OR qemu-guest-agent-2.11.2-9.4 is installed
  • OR qemu-ipxe-1.0.0-9.4 is installed
  • OR qemu-kvm-2.11.2-9.4 is installed
  • OR qemu-lang-2.11.2-9.4 is installed
  • OR qemu-ppc-2.11.2-9.4 is installed
  • OR qemu-s390-2.11.2-9.4 is installed
  • OR qemu-seabios-1.11.0-9.4 is installed
  • OR qemu-sgabios-8-9.4 is installed
  • OR qemu-vgabios-1.11.0-9.4 is installed
  • OR qemu-x86-2.11.2-9.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • rmt-server-2.5.2-3.9 is installed
  • OR rmt-server-config-2.5.2-3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • apache2-mod_php7-7.2.5-4.32 is installed
  • OR php7-7.2.5-4.32 is installed
  • OR php7-bcmath-7.2.5-4.32 is installed
  • OR php7-bz2-7.2.5-4.32 is installed
  • OR php7-calendar-7.2.5-4.32 is installed
  • OR php7-ctype-7.2.5-4.32 is installed
  • OR php7-curl-7.2.5-4.32 is installed
  • OR php7-dba-7.2.5-4.32 is installed
  • OR php7-devel-7.2.5-4.32 is installed
  • OR php7-dom-7.2.5-4.32 is installed
  • OR php7-enchant-7.2.5-4.32 is installed
  • OR php7-exif-7.2.5-4.32 is installed
  • OR php7-fastcgi-7.2.5-4.32 is installed
  • OR php7-fileinfo-7.2.5-4.32 is installed
  • OR php7-fpm-7.2.5-4.32 is installed
  • OR php7-ftp-7.2.5-4.32 is installed
  • OR php7-gd-7.2.5-4.32 is installed
  • OR php7-gettext-7.2.5-4.32 is installed
  • OR php7-gmp-7.2.5-4.32 is installed
  • OR php7-iconv-7.2.5-4.32 is installed
  • OR php7-intl-7.2.5-4.32 is installed
  • OR php7-json-7.2.5-4.32 is installed
  • OR php7-ldap-7.2.5-4.32 is installed
  • OR php7-mbstring-7.2.5-4.32 is installed
  • OR php7-mysql-7.2.5-4.32 is installed
  • OR php7-odbc-7.2.5-4.32 is installed
  • OR php7-opcache-7.2.5-4.32 is installed
  • OR php7-openssl-7.2.5-4.32 is installed
  • OR php7-pcntl-7.2.5-4.32 is installed
  • OR php7-pdo-7.2.5-4.32 is installed
  • OR php7-pear-7.2.5-4.32 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.32 is installed
  • OR php7-pgsql-7.2.5-4.32 is installed
  • OR php7-phar-7.2.5-4.32 is installed
  • OR php7-posix-7.2.5-4.32 is installed
  • OR php7-shmop-7.2.5-4.32 is installed
  • OR php7-snmp-7.2.5-4.32 is installed
  • OR php7-soap-7.2.5-4.32 is installed
  • OR php7-sockets-7.2.5-4.32 is installed
  • OR php7-sodium-7.2.5-4.32 is installed
  • OR php7-sqlite-7.2.5-4.32 is installed
  • OR php7-sysvmsg-7.2.5-4.32 is installed
  • OR php7-sysvsem-7.2.5-4.32 is installed
  • OR php7-sysvshm-7.2.5-4.32 is installed
  • OR php7-tokenizer-7.2.5-4.32 is installed
  • OR php7-wddx-7.2.5-4.32 is installed
  • OR php7-xmlreader-7.2.5-4.32 is installed
  • OR php7-xmlrpc-7.2.5-4.32 is installed
  • OR php7-xmlwriter-7.2.5-4.32 is installed
  • OR php7-xsl-7.2.5-4.32 is installed
  • OR php7-zip-7.2.5-4.32 is installed
  • OR php7-zlib-7.2.5-4.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libfreebl3-3.19.2.1-29 is installed
  • OR libfreebl3-32bit-3.19.2.1-29 is installed
  • OR libfreebl3-hmac-3.19.2.1-29 is installed
  • OR libfreebl3-hmac-32bit-3.19.2.1-29 is installed
  • OR libsoftokn3-3.19.2.1-29 is installed
  • OR libsoftokn3-32bit-3.19.2.1-29 is installed
  • OR libsoftokn3-hmac-3.19.2.1-29 is installed
  • OR libsoftokn3-hmac-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-3.19.2.1-29 is installed
  • OR mozilla-nss-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-certs-3.19.2.1-29 is installed
  • OR mozilla-nss-certs-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-sysinit-3.19.2.1-29 is installed
  • OR mozilla-nss-sysinit-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-tools-3.19.2.1-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND sudo-1.8.10p3-2.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gv-3.7.4-1 is installed
  • OR wdiff-1.2.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libdcerpc-atsvc0-4.2.4-28.29 is installed
  • OR samba-4.2.4-28.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_53-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_16-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cpp48-4.8.5-30 is installed
  • OR gcc48-4.8.5-30 is installed
  • OR gcc48-32bit-4.8.5-30 is installed
  • OR gcc48-c++-4.8.5-30 is installed
  • OR gcc48-info-4.8.5-30 is installed
  • OR gcc48-locale-4.8.5-30 is installed
  • OR libasan0-4.8.5-30 is installed
  • OR libasan0-32bit-4.8.5-30 is installed
  • OR libstdc++48-devel-4.8.5-30 is installed
  • OR libstdc++48-devel-32bit-4.8.5-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • bind-9.9.9P1-63.12 is installed
  • OR bind-chrootenv-9.9.9P1-63.12 is installed
  • OR bind-doc-9.9.9P1-63.12 is installed
  • OR bind-libs-9.9.9P1-63.12 is installed
  • OR bind-utils-9.9.9P1-63.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed
  • OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed
  • OR libwebkit2gtk3-lang-2.28.2-3.54 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed
  • OR webkit2gtk3-2.28.2-3.54 is installed
  • OR webkit2gtk3-devel-2.28.2-3.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND python-ipaddress-1.0.18-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.22 is installed
  • OR kernel-default-extra-4.12.14-25.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-Pillow-2.7.0-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
    • BACK