OVAL Reference oval:org.opensuse.security:def:5096

Oval Definition:

oval:org.opensuse.security:def:5096

Revision Date:	2021-08-25	Version:	1
Title:	Security update for unrar (Moderate)
Description:	This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file (bsc#1054038). - CVE-2017-12940: Prevent out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function (bsc#1054038). - CVE-2017-12941: Prevent an out-of-bounds read in the Unpack::Unpack20 function (bsc#1054038). - CVE-2017-12942: Prevent a buffer overflow in the Unpack::LongLZ function (bsc#1054038). - CVE-2017-20006: Fixed heap-based buffer overflow in Unpack:CopyString (bsc#1187974). These non-security issues were fixed: - Added extraction support for .LZ archives created by Lzip compressor - Enable unpacking of files in ZIP archives compressed with XZ algorithm and encrypted with AES - Added support for PAX extended headers inside of TAR archive - If RAR recovery volumes (.rev files) are present in the same folder as usual RAR volumes, archive test command verifies .rev contents after completing testing .rar files - By default unrar skips symbolic links with absolute paths in link target when extracting unless -ola command line switch is specified - Added support for AES-NI CPU instructions - Support for a new RAR 5.0 archiving format - Wildcard exclusion mask for folders - Prevent conditional jumps depending on uninitialised values (bsc#1046882)
Family:	unix	Class:	patch
Status:		Reference(s):	1046882 1054038 1055014 1061843 1065600 1065729 1066382 1077428 1082318 1112178 1131277 1134760 1154980 1157712 1157714 1170415 1171558 1173432 1174748 1176354 1176485 1176560 1176713 1176723 1177086 1177101 1177271 1177281 1177410 1177411 1177470 1177687 1177719 1177740 1177749 1177750 1177753 1177754 1177755 1177766 1177855 1177856 1177861 1178003 1178027 1178166 1178185 1178187 1178188 1178202 1178234 1178330 1187974 CVE-2009-0035 CVE-2009-2624 CVE-2009-2625 CVE-2009-3560 CVE-2009-3720 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-0001 CVE-2010-1146 CVE-2010-1163 CVE-2010-1172 CVE-2010-1436 CVE-2010-1641 CVE-2010-1646 CVE-2010-2066 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2011-0010 CVE-2011-0712 CVE-2011-1006 CVE-2011-1020 CVE-2011-1022 CVE-2011-1577 CVE-2011-2203 CVE-2012-0056 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2012-2337 CVE-2012-2372 CVE-2012-6706 CVE-2013-0160 CVE-2013-0231 CVE-2013-0292 CVE-2013-0913 CVE-2013-1775 CVE-2013-1776 CVE-2013-1982 CVE-2013-2002 CVE-2013-2005 CVE-2013-2850 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6376 CVE-2014-00691 CVE-2014-0102 CVE-2014-0131 CVE-2014-0196 CVE-2014-1932 CVE-2014-2523 CVE-2014-2653 CVE-2014-3534 CVE-2014-3917 CVE-2014-3940 CVE-2014-4171 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4699 CVE-2014-4943 CVE-2014-5044 CVE-2014-5044 CVE-2014-5045 CVE-2014-5077 CVE-2014-5206 CVE-2014-5207 CVE-2014-5471 CVE-2014-5472 CVE-2015-5276 CVE-2017-12938 CVE-2017-12940 CVE-2017-12941 CVE-2017-12942 CVE-2017-20006 CVE-2019-18277 CVE-2020-0430 CVE-2020-14351 CVE-2020-16120 CVE-2020-25285 CVE-2020-25656 CVE-2020-27673 CVE-2020-27675 CVE-2020-8694 SUSE-SU-2019:3126-1 SUSE-SU-2020:3272-1 SUSE-SU-2021:2834-1
Platform(s):	openSUSE 13.1 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-2.4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXt-7.4-1.19.1 is installed OR xorg-x11-libXt-32bit-7.4-1.19.1 is installed OR xorg-x11-libXt-devel-7.4-1.19.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libecpg6-9.1.15-0.3.1 is installed OR libpq5-9.1.15-0.3.1 is installed OR libpq5-32bit-9.1.15-0.3.1 is installed OR postgresql91-9.1.15-0.3.1 is installed OR postgresql91-docs-9.1.15-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cpp48-4.8.5-24 is installed OR gcc48-4.8.5-24 is installed OR gcc48-32bit-4.8.5-24 is installed OR gcc48-c++-4.8.5-24 is installed OR gcc48-gij-4.8.5-24 is installed OR gcc48-gij-32bit-4.8.5-24 is installed OR gcc48-info-4.8.5-24 is installed OR libasan0-4.8.5-24 is installed OR libasan0-32bit-4.8.5-24 is installed OR libgcj48-4.8.5-24 is installed OR libgcj48-32bit-4.8.5-24 is installed OR libgcj48-jar-4.8.5-24 is installed OR libgcj_bc1-4.8.5-24 is installed OR libstdc++48-devel-4.8.5-24 is installed OR libstdc++48-devel-32bit-4.8.5-24 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND autofs-5.0.9-21 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information NetworkManager-1.0.12-12 is installed OR NetworkManager-lang-1.0.12-12 is installed OR libnm-glib-vpn1-1.0.12-12 is installed OR libnm-glib4-1.0.12-12 is installed OR libnm-util2-1.0.12-12 is installed OR libnm0-1.0.12-12 is installed OR typelib-1_0-NM-1_0-1.0.12-12 is installed OR typelib-1_0-NMClient-1_0-1.0.12-12 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND cifs-utils-6.5-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information cluster-fs-1.0-22.5 is installed OR cluster-network-1.4-26.4 is installed OR cluster-network-kmp-default-1.4_k3.12.61_52.133-26.4 is installed OR cluster-network-kmp-xen-1.4_k3.12.61_52.133-26.4 is installed OR dlm-kmp-default-4.0.2_k3.12.61_52.133-22.5 is installed OR dlm-kmp-xen-4.0.2_k3.12.61_52.133-22.5 is installed OR drbd-8.4.4.7-9.11 is installed OR drbd-kmp-default-8.4.4.7_k3.12.61_52.133-9.11 is installed OR drbd-kmp-xen-8.4.4.7_k3.12.61_52.133-9.11 is installed OR gfs2-kmp-default-3.1.6_k3.12.61_52.133-22.5 is installed OR gfs2-kmp-xen-3.1.6_k3.12.61_52.133-22.5 is installed OR ocfs2-kmp-default-1.8.2_k3.12.61_52.133-22.5 is installed OR ocfs2-kmp-xen-1.8.2_k3.12.61_52.133-22.5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND hawk2-1.0.1+git.1456406635.49e230d-12 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-69 is installed OR cluster-network-kmp-default-4.4.21-69 is installed OR dlm-kmp-default-4.4.21-69 is installed OR gfs2-kmp-default-4.4.21-69 is installed OR ocfs2-kmp-default-4.4.21-69 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.82-6.6.1 is installed OR dlm-kmp-default-4.4.82-6.6.1 is installed OR gfs2-kmp-default-4.4.82-6.6.1 is installed OR kernel-default-4.4.82-6.6.1 is installed OR ocfs2-kmp-default-4.4.82-6.6.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information cluster-md-kmp-default-4.12.14-94.41 is installed OR dlm-kmp-default-4.12.14-94.41 is installed OR gfs2-kmp-default-4.12.14-94.41 is installed OR ocfs2-kmp-default-4.12.14-94.41 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND haproxy-2.0.10+git0.ac198b92-8.8 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information ImageMagick-config-6-SUSE-6.8.8.1-71.126 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.126 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.126 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.126 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_43-52_6-default-1-2.3 is installed OR kgraft-patch-3_12_43-52_6-xen-1-2.3 is installed OR kgraft-patch-SLE12_Update_5-1-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_3-default-2-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_1-2-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-46.7.1 is installed OR salt-api-2016.11.4-46.7.1 is installed OR salt-bash-completion-2016.11.4-46.7.1 is installed OR salt-cloud-2016.11.4-46.7.1 is installed OR salt-doc-2016.11.4-46.7.1 is installed OR salt-master-2016.11.4-46.7.1 is installed OR salt-minion-2016.11.4-46.7.1 is installed OR salt-proxy-2016.11.4-46.7.1 is installed OR salt-ssh-2016.11.4-46.7.1 is installed OR salt-syndic-2016.11.4-46.7.1 is installed OR salt-zsh-completion-2016.11.4-46.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND portus-2.2.0-20.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.2-8.1 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.2-8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-PyYAML-3.10-15.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-11.3 is installed OR php5-5.5.14-11.3 is installed OR php5-bcmath-5.5.14-11.3 is installed OR php5-bz2-5.5.14-11.3 is installed OR php5-calendar-5.5.14-11.3 is installed OR php5-ctype-5.5.14-11.3 is installed OR php5-curl-5.5.14-11.3 is installed OR php5-dba-5.5.14-11.3 is installed OR php5-dom-5.5.14-11.3 is installed OR php5-enchant-5.5.14-11.3 is installed OR php5-exif-5.5.14-11.3 is installed OR php5-fastcgi-5.5.14-11.3 is installed OR php5-fileinfo-5.5.14-11.3 is installed OR php5-fpm-5.5.14-11.3 is installed OR php5-ftp-5.5.14-11.3 is installed OR php5-gd-5.5.14-11.3 is installed OR php5-gettext-5.5.14-11.3 is installed OR php5-gmp-5.5.14-11.3 is installed OR php5-iconv-5.5.14-11.3 is installed OR php5-intl-5.5.14-11.3 is installed OR php5-json-5.5.14-11.3 is installed OR php5-ldap-5.5.14-11.3 is installed OR php5-mbstring-5.5.14-11.3 is installed OR php5-mcrypt-5.5.14-11.3 is installed OR php5-mysql-5.5.14-11.3 is installed OR php5-odbc-5.5.14-11.3 is installed OR php5-openssl-5.5.14-11.3 is installed OR php5-pcntl-5.5.14-11.3 is installed OR php5-pdo-5.5.14-11.3 is installed OR php5-pear-5.5.14-11.3 is installed OR php5-pgsql-5.5.14-11.3 is installed OR php5-pspell-5.5.14-11.3 is installed OR php5-shmop-5.5.14-11.3 is installed OR php5-snmp-5.5.14-11.3 is installed OR php5-soap-5.5.14-11.3 is installed OR php5-sockets-5.5.14-11.3 is installed OR php5-sqlite-5.5.14-11.3 is installed OR php5-suhosin-5.5.14-11.3 is installed OR php5-sysvmsg-5.5.14-11.3 is installed OR php5-sysvsem-5.5.14-11.3 is installed OR php5-sysvshm-5.5.14-11.3 is installed OR php5-tokenizer-5.5.14-11.3 is installed OR php5-wddx-5.5.14-11.3 is installed OR php5-xmlreader-5.5.14-11.3 is installed OR php5-xmlrpc-5.5.14-11.3 is installed OR php5-xmlwriter-5.5.14-11.3 is installed OR php5-xsl-5.5.14-11.3 is installed OR php5-zip-5.5.14-11.3 is installed OR php5-zlib-5.5.14-11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information OpenEXR-1.6.1-83.17.1 is installed OR OpenEXR-32bit-1.6.1-83.17.1 is installed OR OpenEXR-x86-1.6.1-83.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND mutt-1.5.17-42.33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information accountsservice-0.6.35-1 is installed OR accountsservice-lang-0.6.35-1 is installed OR libaccountsservice0-0.6.35-1 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-33.1 is installed OR libMagickCore-6_Q16-1-6.8.8.1-33.1 is installed OR libMagickWand-6_Q16-1-6.8.8.1-33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libpcsclite1-1.8.10-3 is installed OR pcsc-lite-1.8.10-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND Package Information libunrar-devel-5.6.1-4.5.1 is installed OR libunrar5_6_1-5.6.1-4.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_51-52_34-default-5-2.2 is installed OR kgraft-patch-3_12_51-52_34-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_10-5-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information kernel-default-4.4.103-92.53 is installed OR kernel-default-base-4.4.103-92.53 is installed OR kernel-default-devel-4.4.103-92.53 is installed OR kernel-devel-4.4.103-92.53 is installed OR kernel-macros-4.4.103-92.53 is installed OR kernel-source-4.4.103-92.53 is installed OR kernel-syms-4.4.103-92.53 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libldb-devel-3.6.3-76.1 is installed OR libnetapi-devel-3.6.3-76.1 is installed OR libnetapi0-3.6.3-76.1 is installed OR libsmbclient-devel-3.6.3-76.1 is installed OR libsmbsharemodes-devel-3.6.3-76.1 is installed OR libsmbsharemodes0-3.6.3-76.1 is installed OR libtalloc-devel-3.6.3-76.1 is installed OR libtdb-devel-3.6.3-76.1 is installed OR libtevent-devel-3.6.3-76.1 is installed OR libwbclient-devel-3.6.3-76.1 is installed OR samba-3.6.3-76.1 is installed OR samba-devel-3.6.3-76.1 is installed OR samba-test-3.6.3-76.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND wireshark-devel-1.12.7-15 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND alsa-devel-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information python-base-2.7.7-9.3 is installed OR python-devel-2.7.7-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libmysqlclient_r18-10.0.27-12.1 is installed OR libmysqlclient_r18-32bit-10.0.27-12.1 is installed OR mariadb-10.0.27-12.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information gd-2.1.0-20.1 is installed OR gd-32bit-2.1.0-20.1 is installed

BACK