Oval Definition:oval:org.opensuse.security:def:50404
Revision Date:2020-12-01Version:1
Title:Security update for elfutils (Moderate)
Description:

This update for elfutils fixes the following issues:

Security issues fixed:

- CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084) - CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name() (bsc#1033085) - CVE-2017-7609: Fixed a memory allocation failure in __libelf_decompress (bsc#1033086) - CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087) - CVE-2017-7611: Fixed a denial of service via a crafted ELF file (bsc#1033088) - CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089) - CVE-2017-7613: Fixed denial of service caused by the missing validation of the number of sections and the number of segments in a crafted ELF file (bsc#1033090) - CVE-2018-16062: Fixed a heap-buffer overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390) - CVE-2018-16402: Fixed a denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) - CVE-2018-16403: Fixed a heap buffer overflow in readelf (bsc#1107067) - CVE-2018-18310: Fixed an invalid address read problem in dwfl_segment_report_module.c (bsc#1111973) - CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726) - CVE-2018-18521: Fixed a denial of service vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723) - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685) - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007)
Family:unixClass:patch
Status:Reference(s):1033084
1033085
1033086
1033087
1033088
1033089
1033090
1040973
1068873
1073313
1088424
1091610
1092125
1097599
1097600
1098946
1103203
1104199
1104202
1106390
1107066
1107067
1109175
1109176
1109299
1111331
1111388
1111973
1112723
1112726
1114845
1115364
1117513
1123685
1125007
1125401
1131595
1135273
1142684
1143194
1143273
1150003
1150250
1151178
1156015
1160467
1160468
1166844
1169740
1171355
1172651
1173334
1173902
1173994
1177613
992038
CVE-2017-1000126
CVE-2017-17740
CVE-2017-7607
CVE-2017-7608
CVE-2017-7609
CVE-2017-7610
CVE-2017-7611
CVE-2017-7612
CVE-2017-7613
CVE-2017-9239
CVE-2018-10733
CVE-2018-10915
CVE-2018-10925
CVE-2018-1115
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-12264
CVE-2018-12265
CVE-2018-12648
CVE-2018-16062
CVE-2018-16402
CVE-2018-16403
CVE-2018-17229
CVE-2018-17230
CVE-2018-17282
CVE-2018-18310
CVE-2018-18520
CVE-2018-18521
CVE-2018-19108
CVE-2018-19607
CVE-2018-8956
CVE-2018-9305
CVE-2019-11091
CVE-2019-13057
CVE-2019-13114
CVE-2019-13565
CVE-2019-14896
CVE-2019-14897
CVE-2019-1547
CVE-2019-1563
CVE-2019-16239
CVE-2019-3886
CVE-2019-5068
CVE-2019-7150
CVE-2019-7665
CVE-2020-10531
CVE-2020-11868
CVE-2020-13817
CVE-2020-14318
CVE-2020-14323
CVE-2020-14383
CVE-2020-15025
SUSE-SU-2018:2564-1
SUSE-SU-2019:0720-1
SUSE-SU-2019:1285-1
SUSE-SU-2019:1356-1
SUSE-SU-2019:1486-1
SUSE-SU-2019:1603-1
SUSE-SU-2019:2395-1
SUSE-SU-2019:2403-1
SUSE-SU-2019:2737-1
SUSE-SU-2020:0111-1
SUSE-SU-2020:0132-1
SUSE-SU-2020:0819-2
SUSE-SU-2020:0921-1
SUSE-SU-2020:1823-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • xorg-x11-libX11-7.4-5.11.11 is installed
  • OR xorg-x11-libX11-32bit-7.4-5.11.11 is installed
  • OR xorg-x11-libX11-devel-7.4-5.11.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • compat-openssl097g-0.9.7g-146.22.36 is installed
  • OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • augeas-0.9.0-3.17 is installed
  • OR libaugeas0-0.9.0-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • gdk-pixbuf-lang-2.30.6-1 is installed
  • OR gdk-pixbuf-query-loaders-2.30.6-1 is installed
  • OR gdk-pixbuf-query-loaders-32bit-2.30.6-1 is installed
  • OR libgdk_pixbuf-2_0-0-2.30.6-1 is installed
  • OR libgdk_pixbuf-2_0-0-32bit-2.30.6-1 is installed
  • OR typelib-1_0-GdkPixbuf-2_0-2.30.6-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gdk-pixbuf-lang-2.30.6-1 is installed
  • OR gdk-pixbuf-query-loaders-2.30.6-1 is installed
  • OR gdk-pixbuf-query-loaders-32bit-2.30.6-1 is installed
  • OR libgdk_pixbuf-2_0-0-2.30.6-1 is installed
  • OR libgdk_pixbuf-2_0-0-32bit-2.30.6-1 is installed
  • OR typelib-1_0-GdkPixbuf-2_0-2.30.6-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gnome-settings-daemon-3.20.1-40 is installed
  • OR gnome-settings-daemon-lang-3.20.1-40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND facter-2.4.6-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-8.7 is installed
  • OR cyrus-sasl-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-8.7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-8.7 is installed
  • OR cyrus-sasl-digestmd5-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-8.7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-plain-2.1.26-8.7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-8.7 is installed
  • OR libsasl2-3-2.1.26-8.7 is installed
  • OR libsasl2-3-32bit-2.1.26-8.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND icu-60.2-3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND Package Information
  • elfutils-0.168-4.5 is installed
  • OR elfutils-lang-0.168-4.5 is installed
  • OR libasm-devel-0.168-4.5 is installed
  • OR libasm1-0.168-4.5 is installed
  • OR libdw-devel-0.168-4.5 is installed
  • OR libdw1-0.168-4.5 is installed
  • OR libdw1-32bit-0.168-4.5 is installed
  • OR libebl-devel-0.168-4.5 is installed
  • OR libebl-plugins-0.168-4.5 is installed
  • OR libebl-plugins-32bit-0.168-4.5 is installed
  • OR libelf-devel-0.168-4.5 is installed
  • OR libelf1-0.168-4.5 is installed
  • OR libelf1-32bit-0.168-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND ntp-4.2.8p15-4.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_22-default-6-2 is installed
  • OR kernel-livepatch-SLE15_Update_11-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • openconnect-7.08-6.3 is installed
  • OR openconnect-doc-7.08-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • exempi-2.4.5-3.3 is installed
  • OR exempi-tools-2.4.5-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • ctdb-pcp-pmda-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR ctdb-tests-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR libdcerpc-samr0-32bit-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR libsamba-policy0-python3-32bit-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR libsmbclient0-32bit-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-ad-dc-32bit-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-client-32bit-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-doc-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-libs-python3-32bit-4.11.14+git.202.344b137b75d-4.14 is installed
  • OR samba-test-4.11.14+git.202.344b137b75d-4.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • libecpg6-10.5-4.5 is installed
  • OR postgresql10-10.5-4.5 is installed
  • OR postgresql10-contrib-10.5-4.5 is installed
  • OR postgresql10-devel-10.5-4.5 is installed
  • OR postgresql10-docs-10.5-4.5 is installed
  • OR postgresql10-plperl-10.5-4.5 is installed
  • OR postgresql10-plpython-10.5-4.5 is installed
  • OR postgresql10-pltcl-10.5-4.5 is installed
  • OR postgresql10-server-10.5-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • qemu-4.2.1-11.4 is installed
  • OR qemu-arm-4.2.1-11.4 is installed
  • OR qemu-audio-alsa-4.2.1-11.4 is installed
  • OR qemu-audio-pa-4.2.1-11.4 is installed
  • OR qemu-block-curl-4.2.1-11.4 is installed
  • OR qemu-block-iscsi-4.2.1-11.4 is installed
  • OR qemu-block-rbd-4.2.1-11.4 is installed
  • OR qemu-block-ssh-4.2.1-11.4 is installed
  • OR qemu-guest-agent-4.2.1-11.4 is installed
  • OR qemu-ipxe-1.0.0+-11.4 is installed
  • OR qemu-kvm-4.2.1-11.4 is installed
  • OR qemu-lang-4.2.1-11.4 is installed
  • OR qemu-microvm-4.2.1-11.4 is installed
  • OR qemu-ppc-4.2.1-11.4 is installed
  • OR qemu-s390-4.2.1-11.4 is installed
  • OR qemu-seabios-1.12.1+-11.4 is installed
  • OR qemu-sgabios-8-11.4 is installed
  • OR qemu-ui-curses-4.2.1-11.4 is installed
  • OR qemu-ui-gtk-4.2.1-11.4 is installed
  • OR qemu-ui-spice-app-4.2.1-11.4 is installed
  • OR qemu-vgabios-1.12.1+-11.4 is installed
  • OR qemu-x86-4.2.1-11.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs10-10.16.3-1.12 is installed
  • OR nodejs10-devel-10.16.3-1.12 is installed
  • OR nodejs10-docs-10.16.3-1.12 is installed
  • OR npm10-10.16.3-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND libmspack0-0.4-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_40-default-2-3 is installed
  • OR kgraft-patch-3_12_74-60_64_40-xen-2-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_15-2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libX11-6-1.6.2-4 is installed
  • OR libX11-6-32bit-1.6.2-4 is installed
  • OR libX11-data-1.6.2-4 is installed
  • OR libX11-xcb1-1.6.2-4 is installed
  • OR libX11-xcb1-32bit-1.6.2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.85 is installed
  • OR kernel-default-base-4.4.121-92.85 is installed
  • OR kernel-default-devel-4.4.121-92.85 is installed
  • OR kernel-devel-4.4.121-92.85 is installed
  • OR kernel-macros-4.4.121-92.85 is installed
  • OR kernel-source-4.4.121-92.85 is installed
  • OR kernel-syms-4.4.121-92.85 is installed
  • OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.3.0-109.50 is installed
  • OR MozillaFirefox-devel-60.3.0-109.50 is installed
  • OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • evince-3.20.1-5 is installed
  • OR evince-browser-plugin-3.20.1-5 is installed
  • OR evince-lang-3.20.1-5 is installed
  • OR evince-plugin-djvudocument-3.20.1-5 is installed
  • OR evince-plugin-dvidocument-3.20.1-5 is installed
  • OR evince-plugin-pdfdocument-3.20.1-5 is installed
  • OR evince-plugin-psdocument-3.20.1-5 is installed
  • OR evince-plugin-tiffdocument-3.20.1-5 is installed
  • OR evince-plugin-xpsdocument-3.20.1-5 is installed
  • OR libevdocument3-4-3.20.1-5 is installed
  • OR libevview3-3-3.20.1-5 is installed
  • OR nautilus-evince-3.20.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • avahi-0.6.32-32.3 is installed
  • OR avahi-glib2-0.6.32-32.3 is installed
  • OR avahi-lang-0.6.32-32.3 is installed
  • OR avahi-utils-0.6.32-32.3 is installed
  • OR libavahi-client3-0.6.32-32.3 is installed
  • OR libavahi-client3-32bit-0.6.32-32.3 is installed
  • OR libavahi-common3-0.6.32-32.3 is installed
  • OR libavahi-common3-32bit-0.6.32-32.3 is installed
  • OR libavahi-core7-0.6.32-32.3 is installed
  • OR libavahi-glib1-0.6.32-32.3 is installed
  • OR libavahi-glib1-32bit-0.6.32-32.3 is installed
  • OR libdns_sd-0.6.32-32.3 is installed
  • OR libdns_sd-32bit-0.6.32-32.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libssh2-1-1.8.0-4.10 is installed
  • OR libssh2-1-32bit-1.8.0-4.10 is installed
  • OR libssh2-devel-1.8.0-4.10 is installed
  • OR libssh2_org-1.8.0-4.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.15-3.41 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-3.41 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.15-3.41 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-3.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.6 is installed
  • OR kernel-default-extra-4.12.14-25.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • evolution-3.26.6-4.3 is installed
  • OR evolution-devel-3.26.6-4.3 is installed
  • OR evolution-lang-3.26.6-4.3 is installed
  • OR evolution-plugin-bogofilter-3.26.6-4.3 is installed
  • OR evolution-plugin-pst-import-3.26.6-4.3 is installed
  • OR evolution-plugin-spamassassin-3.26.6-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed
  • OR python-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libsnmp30-5.7.3-6.3 is installed
  • OR libsnmp30-32bit-5.7.3-6.3 is installed
  • OR net-snmp-5.7.3-6.3 is installed
  • OR perl-SNMP-5.7.3-6.3 is installed
  • OR snmp-mibs-5.7.3-6.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • BACK