Oval Definition:	oval:org.opensuse.security:def:50506
Revision Date: 2020-12-01 Version: 1 Title: Security update for clamav (Moderate) Description: This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504). - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458). Non-security issues fixed: - Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504). - Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839). Family: unix Class: patch Status: Reference(s): 1027282 1027519 1029377 1029902 1040164 1042670 1061305 1062631 1065600 1065729 1070853 1071995 1079730 1079761 1081750 1083507 1085030 1086001 1088004 1088009 1088573 1091045 1094814 1098403 1107030 1107424 1109663 1109847 1111025 1117665 1119991 1120163 1120644 1122191 1125401 1125433 1129346 1129403 1130840 1133021 1133452 1136981 1136986 1136992 1137930 1137942 1138459 1141853 1143794 1144087 1144504 1145379 1145427 1145436 1145774 1146025 1146873 1149032 1149121 1149458 1149792 1149811 1149841 1149955 1151021 1151490 1151839 1152472 1152489 1152506 1153238 1153274 1154353 1154488 1154492 1155518 1156395 1157490 1157627 1158880 1159035 1159058 1159622 1160634 1165849 1167007 1167773 1167816 1169740 1169790 1170643 1170940 1171355 1171634 1171688 1172021 1172053 1172108 1172189 1172197 1172205 1172247 1172418 1172651 1172795 1172796 1172871 1172963 1173100 1173334 1173468 1173485 1173659 1173798 1173813 1173869 1173942 1173954 1173963 1174002 1174003 1174026 1174186 1174205 1174247 1174362 1174387 1174484 1174625 1174645 1174689 1174699 1174737 1174757 1174762 1174770 1174771 1174777 1174805 1174824 1174825 1174852 1174865 1174880 1174897 1174906 1174969 1175009 1175010 1175011 1175012 1175013 1175014 1175015 1175016 1175017 1175018 1175019 1175020 1175021 1175052 1175112 1175116 1175128 1175149 1175175 1175176 1175180 1175181 1175182 1175183 1175184 1175185 1175186 1175187 1175188 1175189 1175190 1175191 1175192 1175195 1175199 1175213 1175232 1175263 1175284 1175296 1175344 1175345 1175346 1175347 1175367 1175377 1175440 1175493 1175546 1175550 1175654 1175691 1175768 1175769 1175770 1175771 1175772 1175774 1175775 1175834 1175873 637176 658604 673071 709442 743787 747125 751718 754447 754677 787526 809831 831629 834601 871152 885662 885882 917607 942751 951166 983582 984751 985177 985348 989523 992038 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-1752 CVE-2013-4238 CVE-2014-2667 CVE-2014-4650 CVE-2016-0772 CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699 CVE-2017-14988 CVE-2017-18207 CVE-2017-6888 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061 CVE-2018-12207 CVE-2018-14647 CVE-2018-16548 CVE-2018-20126 CVE-2018-20406 CVE-2018-20852 CVE-2018-8956 CVE-2019-10160 CVE-2019-11135 CVE-2019-12068 CVE-2019-12447 CVE-2019-12448 CVE-2019-12449 CVE-2019-12625 CVE-2019-12795 CVE-2019-12900 CVE-2019-14378 CVE-2019-14835 CVE-2019-14895 CVE-2019-15890 CVE-2019-15903 CVE-2019-16056 CVE-2019-16746 CVE-2019-16935 CVE-2019-19447 CVE-2019-19956 CVE-2019-5010 CVE-2019-9458 CVE-2019-9636 CVE-2019-9947 CVE-2020-0543 CVE-2020-11668 CVE-2020-11868 CVE-2020-12802 CVE-2020-12803 CVE-2020-13817 CVE-2020-14314 CVE-2020-14331 CVE-2020-14331 CVE-2020-14356 CVE-2020-15025 CVE-2020-15780 CVE-2020-16166 CVE-2020-1983 CVE-2020-3899 SUSE-SU-2019:0920-1 SUSE-SU-2019:1717-1 SUSE-SU-2019:2043-1 SUSE-SU-2019:2750-1 SUSE-SU-2019:2955-1 SUSE-SU-2019:3053-1 SUSE-SU-2020:0114-1 SUSE-SU-2020:1198-1 SUSE-SU-2020:1502-1 SUSE-SU-2020:1532-2 SUSE-SU-2020:1609-1 SUSE-SU-2020:1823-1 SUSE-SU-2020:2513-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Python2 packages 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information kde4-kgreeter-plugins-4.3.5-0.12.18 is installed OR kdebase4-wallpapers-4.3.5-0.11.18 is installed OR kdebase4-workspace-4.3.5-0.12.18 is installed OR kdebase4-workspace-ksysguardd-4.3.5-0.12.18 is installed OR kdm-4.3.5-0.12.18 is installed OR kwin-4.3.5-0.12.18 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.3.0esr-22 is installed OR MozillaFirefox-translations-38.3.0esr-22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information cpio-2.11-26 is installed OR cpio-lang-2.11-26 is installed OR tar-1.27.1-2 is installed OR tar-lang-1.27.1-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gnome-online-accounts-3.10.5-1 is installed OR gnome-online-accounts-lang-3.10.5-1 is installed OR libgoa-1_0-0-3.10.5-1 is installed OR libgoa-backend-1_0-1-3.10.5-1 is installed OR typelib-1_0-Goa-1_0-3.10.5-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information e2fsprogs-1.42.11-15 is installed OR libcom_err2-1.42.11-15 is installed OR libcom_err2-32bit-1.42.11-15 is installed OR libext2fs2-1.42.11-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND libXxf86dga1-1.1.4-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information clamav-0.100.3-3.14 is installed OR clamav-devel-0.100.3-3.14 is installed OR libclamav7-0.100.3-3.14 is installed OR libclammspack0-0.100.3-3.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND ntp-4.2.8p15-4.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_14-default-4-2 is installed OR kernel-livepatch-SLE15_Update_9-4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_29-default-6-2 is installed OR kernel-livepatch-SLE15-SP1_Update_8-6-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information libpython3_6m1_0-32bit-3.6.10-3.42 is installed OR python3-3.6.10-3.42 is installed OR python3-32bit-3.6.10-3.42 is installed OR python3-base-3.6.10-3.42 is installed OR python3-base-32bit-3.6.10-3.42 is installed OR python3-doc-3.6.10-3.42 is installed OR python3-testsuite-3.6.10-3.42 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information gvfs-1.34.2.1-4.13 is installed OR gvfs-32bit-1.34.2.1-4.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information cluster-md-kmp-preempt-5.3.18-24.12 is installed OR dlm-kmp-preempt-5.3.18-24.12 is installed OR gfs2-kmp-preempt-5.3.18-24.12 is installed OR kernel-debug-5.3.18-24.12 is installed OR kernel-debug-devel-5.3.18-24.12 is installed OR kernel-debug-livepatch-devel-5.3.18-24.12 is installed OR kernel-default-5.3.18-24.12 is installed OR kernel-default-base-5.3.18-24.12.1.9.4 is installed OR kernel-default-base-rebuild-5.3.18-24.12.1.9.4 is installed OR kernel-default-livepatch-5.3.18-24.12 is installed OR kernel-docs-5.3.18-24.12 is installed OR kernel-docs-html-5.3.18-24.12 is installed OR kernel-kvmsmall-5.3.18-24.12 is installed OR kernel-kvmsmall-devel-5.3.18-24.12 is installed OR kernel-kvmsmall-livepatch-devel-5.3.18-24.12 is installed OR kernel-obs-qa-5.3.18-24.12 is installed OR kernel-preempt-5.3.18-24.12 is installed OR kernel-preempt-extra-5.3.18-24.12 is installed OR kernel-preempt-livepatch-devel-5.3.18-24.12 is installed OR kernel-source-5.3.18-24.12 is installed OR kernel-source-vanilla-5.3.18-24.12 is installed OR kselftests-kmp-default-5.3.18-24.12 is installed OR kselftests-kmp-preempt-5.3.18-24.12 is installed OR ocfs2-kmp-preempt-5.3.18-24.12 is installed OR reiserfs-kmp-preempt-5.3.18-24.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed AND Package Information python-libxml2-python-2.9.7-3.22 is installed OR python2-libxml2-python-2.9.7-3.22 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information qemu-3.1.1.1-9.6 is installed OR qemu-arm-3.1.1.1-9.6 is installed OR qemu-audio-alsa-3.1.1.1-9.6 is installed OR qemu-audio-oss-3.1.1.1-9.6 is installed OR qemu-audio-pa-3.1.1.1-9.6 is installed OR qemu-block-curl-3.1.1.1-9.6 is installed OR qemu-block-iscsi-3.1.1.1-9.6 is installed OR qemu-block-rbd-3.1.1.1-9.6 is installed OR qemu-block-ssh-3.1.1.1-9.6 is installed OR qemu-guest-agent-3.1.1.1-9.6 is installed OR qemu-ipxe-1.0.0+-9.6 is installed OR qemu-kvm-3.1.1.1-9.6 is installed OR qemu-lang-3.1.1.1-9.6 is installed OR qemu-ppc-3.1.1.1-9.6 is installed OR qemu-s390-3.1.1.1-9.6 is installed OR qemu-seabios-1.12.0-9.6 is installed OR qemu-sgabios-8-9.6 is installed OR qemu-ui-curses-3.1.1.1-9.6 is installed OR qemu-ui-gtk-3.1.1.1-9.6 is installed OR qemu-vgabios-1.12.0-9.6 is installed OR qemu-x86-3.1.1.1-9.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information sysconfig-0.83.8-7 is installed OR sysconfig-netconfig-0.83.8-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND dnsmasq-2.78-18.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND yast2-smt-3.0.14-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libsystemd0-228-150.66 is installed OR libsystemd0-32bit-228-150.66 is installed OR libudev-devel-228-150.66 is installed OR libudev1-228-150.66 is installed OR libudev1-32bit-228-150.66 is installed OR systemd-228-150.66 is installed OR systemd-32bit-228-150.66 is installed OR systemd-bash-completion-228-150.66 is installed OR systemd-sysvinit-228-150.66 is installed OR udev-228-150.66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libhivex0-1.3.10-4 is installed OR perl-Win-Hivex-1.3.10-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libldap-2_4-2-2.4.46-9.28 is installed OR libldap-2_4-2-32bit-2.4.46-9.28 is installed OR libldap-data-2.4.46-9.28 is installed OR openldap2-2.4.46-9.28 is installed OR openldap2-back-meta-2.4.46-9.28 is installed OR openldap2-back-perl-2.4.46-9.28 is installed OR openldap2-client-2.4.46-9.28 is installed OR openldap2-devel-2.4.46-9.28 is installed OR openldap2-devel-32bit-2.4.46-9.28 is installed OR openldap2-devel-static-2.4.46-9.28 is installed OR openldap2-ppolicy-check-password-1.2-9.28 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information dovecot23-2.3.10-4.22 is installed OR dovecot23-backend-mysql-2.3.10-4.22 is installed OR dovecot23-backend-pgsql-2.3.10-4.22 is installed OR dovecot23-backend-sqlite-2.3.10-4.22 is installed OR dovecot23-devel-2.3.10-4.22 is installed OR dovecot23-fts-2.3.10-4.22 is installed OR dovecot23-fts-lucene-2.3.10-4.22 is installed OR dovecot23-fts-solr-2.3.10-4.22 is installed OR dovecot23-fts-squat-2.3.10-4.22 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information freerdp-2.0.0~rc4-3.3 is installed OR freerdp-devel-2.0.0~rc4-3.3 is installed OR libfreerdp2-2.0.0~rc4-3.3 is installed OR libwinpr2-2.0.0~rc4-3.3 is installed OR winpr2-devel-2.0.0~rc4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.8.0-3.80 is installed OR MozillaThunderbird-translations-common-68.8.0-3.80 is installed OR MozillaThunderbird-translations-other-68.8.0-3.80 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.19 is installed OR libvncclient0-0.9.10-4.19 is installed OR libvncserver0-0.9.10-4.19 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information git-2.12.3-27.14 is installed OR git-arch-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-credential-gnome-keyring-2.12.3-27.14 is installed OR git-cvs-2.12.3-27.14 is installed OR git-daemon-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed OR git-email-2.12.3-27.14 is installed OR git-gui-2.12.3-27.14 is installed OR git-svn-2.12.3-27.14 is installed OR git-web-2.12.3-27.14 is installed OR gitk-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information storm-1.0.5-5 is installed OR storm-nimbus-1.0.5-5 is installed OR storm-supervisor-1.0.5-5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
BACK