Oval Definition:	oval:org.opensuse.security:def:50415
Revision Date: 2020-12-01 Version: 1 Title: Security update for libu2f-host, pam_u2f (Moderate) Description: This update for libu2f-host and pam_u2f to version 1.0.8 fixes the following issues: Security issues fixed for libu2f-host: - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response (bsc#1128140). Security issues fixed for pam_u2f: - CVE-2019-12209: Fixed an issue where symlinks in the user's directory were followed (bsc#1135729). - CVE-2019-12210: Fixed file descriptor leaks (bsc#1135727). Family: unix Class: patch Status: Reference(s): 1058115 1071995 1083689 1092187 1099465 1104841 1105606 1108474 1108674 1109609 1114529 1120189 1123371 1123377 1123378 1125330 1127987 1128140 1129528 1129821 1130262 1132385 1135727 1135729 1137990 1138425 1138464 1141844 1142031 1144797 1145092 1149332 1149429 1151186 1151582 1153423 1153869 1154366 1154738 1157292 1157893 1158996 1160220 1160236 1160968 1162972 1165629 1165631 1166066 1171988 1172428 1173477 1173691 1173694 1173700 1173701 1173743 1173798 1173874 1173875 1173876 1173880 1174205 1174757 1175112 1175122 1175128 1175204 1175213 1175515 1175518 1175691 1175992 1176069 1176116 1176256 1176257 1176258 1176259 991201 CVE-2016-5416 CVE-2017-18922 CVE-2018-1054 CVE-2018-10871 CVE-2018-1089 CVE-2018-10935 CVE-2018-14638 CVE-2018-14648 CVE-2018-16847 CVE-2018-16890 CVE-2018-18335 CVE-2018-18356 CVE-2018-18506 CVE-2018-21247 CVE-2019-10208 CVE-2019-11597 CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-12209 CVE-2019-12210 CVE-2019-13616 CVE-2019-13626 CVE-2019-15903 CVE-2019-19126 CVE-2019-20839 CVE-2019-20840 CVE-2019-3822 CVE-2019-3823 CVE-2019-3883 CVE-2019-4732 CVE-2019-5785 CVE-2019-9578 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9794 CVE-2019-9795 CVE-2019-9796 CVE-2019-9801 CVE-2019-9810 CVE-2019-9813 CVE-2020-0034 CVE-2020-10135 CVE-2020-14314 CVE-2020-14331 CVE-2020-14356 CVE-2020-14386 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-15166 CVE-2020-16166 CVE-2020-1749 CVE-2020-24394 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-5395 CVE-2020-5496 SUSE-SU-2018:4086-1 SUSE-SU-2019:0248-1 SUSE-SU-2019:0871-1 SUSE-SU-2019:1750-1 SUSE-SU-2019:1773-1 SUSE-SU-2019:2155-1 SUSE-SU-2019:2228-1 SUSE-SU-2019:2463-1 SUSE-SU-2019:2871-1 SUSE-SU-2020:0118-1 SUSE-SU-2020:0262-1 SUSE-SU-2020:0466-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2610-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-17.0.9esr-0.7 is installed OR MozillaFirefox-translations-17.0.9esr-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND dhcpcd-3.2.3-45.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information gpgme-1.5.1-1 is installed OR libgpgme11-1.5.1-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND hardlink-1.0-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information emacs-24.3-25.3 is installed OR emacs-info-24.3-25.3 is installed OR emacs-x11-24.3-25.3 is installed OR etags-24.3-25.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libu2f-host-1.1.6-3.6 is installed OR libu2f-host-devel-1.1.6-3.6 is installed OR libu2f-host0-1.1.6-3.6 is installed OR pam_u2f-1.0.8-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.5-3.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-3.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.5-3.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-3.33 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-150.58 is installed OR kernel-default-livepatch-4.12.14-150.58 is installed OR kernel-livepatch-4_12_14-150_58-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_20-1-1.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information MozillaFirefox-68.2.0-3.59 is installed OR MozillaFirefox-branding-upstream-68.2.0-3.59 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information ImageMagick-7.0.7.34-3.64 is installed OR ImageMagick-config-7-upstream-7.0.7.34-3.64 is installed OR ImageMagick-devel-32bit-7.0.7.34-3.64 is installed OR ImageMagick-doc-7.0.7.34-3.64 is installed OR ImageMagick-extra-7.0.7.34-3.64 is installed OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-3.64 is installed OR libMagick++-devel-32bit-7.0.7.34-3.64 is installed OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-3.64 is installed OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-3.64 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information libvpx-1.6.1-6.6 is installed OR libvpx4-32bit-1.6.1-6.6 is installed OR vpx-tools-1.6.1-6.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information qemu-2.11.2-9.17 is installed OR qemu-arm-2.11.2-9.17 is installed OR qemu-block-curl-2.11.2-9.17 is installed OR qemu-block-iscsi-2.11.2-9.17 is installed OR qemu-block-rbd-2.11.2-9.17 is installed OR qemu-block-ssh-2.11.2-9.17 is installed OR qemu-guest-agent-2.11.2-9.17 is installed OR qemu-ipxe-1.0.0+-9.17 is installed OR qemu-kvm-2.11.2-9.17 is installed OR qemu-lang-2.11.2-9.17 is installed OR qemu-ppc-2.11.2-9.17 is installed OR qemu-s390-2.11.2-9.17 is installed OR qemu-seabios-1.11.0-9.17 is installed OR qemu-sgabios-8-9.17 is installed OR qemu-vgabios-1.11.0-9.17 is installed OR qemu-x86-2.11.2-9.17 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information xen-4.13.1_08-3.10 is installed OR xen-devel-4.13.1_08-3.10 is installed OR xen-tools-4.13.1_08-3.10 is installed OR xen-tools-xendomains-wait-disk-4.13.1_08-3.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.35-4.35 is installed OR tomcat-admin-webapps-9.0.35-4.35 is installed OR tomcat-el-3_0-api-9.0.35-4.35 is installed OR tomcat-jsp-2_3-api-9.0.35-4.35 is installed OR tomcat-lib-9.0.35-4.35 is installed OR tomcat-servlet-4_0-api-9.0.35-4.35 is installed OR tomcat-webapps-9.0.35-4.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpoppler-glib8-0.24.4-3 is installed OR libpoppler-qt4-4-0.24.4-3 is installed OR libpoppler44-0.24.4-3 is installed OR poppler-tools-0.24.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_48-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_48-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_17-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXt6-1.1.4-3 is installed OR libXt6-32bit-1.1.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.92 is installed OR kernel-default-base-4.4.121-92.92 is installed OR kernel-default-devel-4.4.121-92.92 is installed OR kernel-devel-4.4.121-92.92 is installed OR kernel-macros-4.4.121-92.92 is installed OR kernel-source-4.4.121-92.92 is installed OR kernel-syms-4.4.121-92.92 is installed OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed OR lttng-modules-2.7.1-9.4 is installed OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gdm-3.10.0.1-52 is installed OR gdm-lang-3.10.0.1-52 is installed OR gdmflexiserver-3.10.0.1-52 is installed OR libgdm1-3.10.0.1-52 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND permissions-20180125-3.27 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information python-pip-10.0.1-3.3 is installed OR python2-pip-10.0.1-3.3 is installed OR python3-pip-10.0.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR libavcodec-devel-3.4.2-4.12 is installed OR libavformat-devel-3.4.2-4.12 is installed OR libavformat57-3.4.2-4.12 is installed OR libavresample-devel-3.4.2-4.12 is installed OR libavresample3-3.4.2-4.12 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information libixion-0.14.1-4.3 is installed OR libixion-0_14-0-0.14.1-4.3 is installed OR liborcus-0.14.1-3.3 is installed OR liborcus-0_14-0-0.14.1-3.3 is installed OR liborcus-devel-0.14.1-3.3 is installed OR myspell-af_ZA-20190423-3.9 is installed OR myspell-ar-20190423-3.9 is installed OR myspell-bg_BG-20190423-3.9 is installed OR myspell-bn_BD-20190423-3.9 is installed OR myspell-br_FR-20190423-3.9 is installed OR myspell-ca-20190423-3.9 is installed OR myspell-cs_CZ-20190423-3.9 is installed OR myspell-da_DK-20190423-3.9 is installed OR myspell-dictionaries-20190423-3.9 is installed OR myspell-el_GR-20190423-3.9 is installed OR myspell-et_EE-20190423-3.9 is installed OR myspell-fr_FR-20190423-3.9 is installed OR myspell-gl-20190423-3.9 is installed OR myspell-gu_IN-20190423-3.9 is installed OR myspell-he_IL-20190423-3.9 is installed OR myspell-hi_IN-20190423-3.9 is installed OR myspell-hr_HR-20190423-3.9 is installed OR myspell-it_IT-20190423-3.9 is installed OR myspell-lt_LT-20190423-3.9 is installed OR myspell-lv_LV-20190423-3.9 is installed OR myspell-nl_NL-20190423-3.9 is installed OR myspell-nn_NO-20190423-3.9 is installed OR myspell-pl_PL-20190423-3.9 is installed OR myspell-pt_PT-20190423-3.9 is installed OR myspell-si_LK-20190423-3.9 is installed OR myspell-sk_SK-20190423-3.9 is installed OR myspell-sl_SI-20190423-3.9 is installed OR myspell-sr-20190423-3.9 is installed OR myspell-sv_SE-20190423-3.9 is installed OR myspell-te_IN-20190423-3.9 is installed OR myspell-th_TH-20190423-3.9 is installed OR myspell-tr_TR-20190423-3.9 is installed OR myspell-uk_UA-20190423-3.9 is installed OR myspell-zu_ZA-20190423-3.9 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-pycrypto-2.6.1-10.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-Twisted-15.2.1-9.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
BACK