OVAL Reference oval:org.opensuse.security:def:51029

Oval Definition:

oval:org.opensuse.security:def:51029

Revision Date:	2020-12-01	Version:	1
Title:	Security update for cf-cli (Moderate)
Description:	This update for cf-cli fixes the following issues: cf-cli was updated: to version 6.43.0 (bsc#1132242) Enhancements : - `cf curl` supports a new `--fail` flag (primarily for scripting purposes) which returns exit code `22` for server errors [story](https://www.pivotaltracker.com/story/show/130060949) - Improves `cf delete-orphaned-routes` such that it uses a different endpoint, reducing the chance of a race condition when two users are simultaneously deleting orphaned routes and associating routes with applications [story](https://www.pivotaltracker.com/story/show/163156064) - we've improved the speed of cf services - it now hits a single endpoint instead of making individual API calls Security: - CVE-2019-3781: CF CLI does not sanitize user’s password in verbose/trace/debug. - Fixes issue with running cf login in verbose mode whereby passwords which contains regex were not completely redacted - Fixes issue whilst running commands in verbose mode refresh tokens were not completely redacted Other Bug Fixes: - Updates help text for cf curlstory - Now refresh tokens work properly whilst using cf curl with V3 CC API endpoints story - Fixes performance degradation for cf services story - cf delete-service requires that you are targeting a space story - cf enable-service access for a service in an org will succeed if you have already enabled access for that service in that org story cf-cli was updated to version 6.42.0: Minor Enhancements: - updated `cf restage` help text and the first line in the command's output to indicate that using this command will cause app downtime [story](https://www.pivotaltracker.com/story/show/151841382) - updated the `cf bind-route-service` help text to clarify usage instructions [story](https://www.pivotaltracker.com/story/show/150111078) - improved an error message for `cf create-service-boker` to be more helpful when the CC API returns a `502` due to an invalid service broker catalog - upgraded to Golang 1.11.4 [story](https://www.pivotaltracker.com/story/show/162745359) - added a short name `ue` for `cf unset-env` [story](https://www.pivotaltracker.com/story/show/161632713) - updated `cf marketplace` command to include a new `broker` column to prepare for a upcoming services-related feature which will allow services to have the same name as long as they are associated with different service brokers [story](https://www.pivotaltracker.com/story/show/162699756) Bugs: - fix for `cf enable-service-access -p plan` whereby when we refactored the code in CLI `v6.41.0` it created service plan visibilities as part of a subsequent run of the command (the unrefactored code skipped creating the service plan visibilities); now the command will skip creating service plan visibilities as it did prior to the refactor [story](https://www.pivotaltracker.com/story/show/162747373) - updated the `cf rename-buildpack` help text which was missing reference to the `-s` stack flag [story](https://www.pivotaltracker.com/story/show/162428661) - updated help text for when users use `brew search cloudfoundry-cli` [story](https://www.pivotaltracker.com/story/show/161770940) - now when you run `cf service service-instance` for a route service, the route service url appears in the key value table [story](https://www.pivotaltracker.com/story/show/162498211) Update to version 6.41.0: Enhancements: - updated `cf --help` to include the `delete` command [story](https://www.pivotaltracker.com/story/show/161556511) Update to version 6.40.1: Bug Fixes: - Updates the minimum version for the buildpacks-stacks association feature. In [CLI v6.39.0](https://github.com/cloudfoundry/cli/releases/tag/v6.39.0), when the feature was released, we incorrectly set the minimum to cc api version as`2.114`. The minimum cc api version is now correctly set to [`2.112`](https://github.com/cloudfoundry/capi-release/releases/tag/1.58.0). [story](https://www.pivotaltracker.com/story/show/161464797) - Fixes a bug with inspecting a service instance `cf service service-instance`, now the `documentation` url displays correctly for services which populate that field [story](https://www.pivotaltracker.com/story/show/161251875) Update to version 6.40.0: Bug Fixes: - Fix bug where trailing slash on cf api would break listing commands for older CC APIs story. For older versions of CC API, if the API URL had a trailing slash, some requests would fail with an 'Unknown request' error. These requests are now handled properly. Update to version 6.39.0: Enhancements: - for users on cc api 3.27, cf start is enhanced to display the new cf app v3 output. For users on cc api 3.27 or lower, users will see the same v2 output. Note that if you use v3 commands to create and start your app, if you subsequently use cf stop and cf start, the routes property in cf app will not populate even though the route exists story - for users on cc api 3.27, cf restart is enhanced to display the new cf app v3 output. For users on cc api 3.27 or lower, users will see the same v2 output. story - for users on cc api 3.27, cf restage is enhanced to display the new cf app v3 output. For users on cc api 3.27 or lower, users will see the same v2 output. story - improved help text for -d domains for cf push to include examples of usage story - cf v3-scale displays additional app information story - if you've created an internal domain, and it is the first domain in cc, the CLI will now ignore the internal domain and instead choose the next non-internal domain when you push an app story Bug Fixes: - Fix for users on macOS attempting to brew install cf-cli the CF CLI using the unreleased master branch of Homebrew story - Fixes an issue whereby, due to a recent cc api change, when you execute cf push and watch the cf app command, the app display returned a 400 error story - Fixes a bug whereby if you logged in using client credentials, cf auth user pass --client credentials you were unable to create an org; now create-org will assign the role to the user id specified in your manifest story - fixes an issue introduced when we refactored cf start and as part of that work, we stopped blocking on the initial connection with the logging backend; now the CLI blocks until the NOAA connection is made, or the default dial timeout of five seconds is reached story update to version 6.38.0: Enhancements: - v3-ssh process type now defaults to web story - Support added for setting tags for user provided service instances story - Now a warning appears if you attempt to use deprecated properties and variable substitution story - Updated usage so now you can rename the cf binary use it with every command story - cf events now displays the Diego cell_id and instance guid in crash events story - Includes cf service service-instance table display improvements wherein the service instance information is now grouped separately from the binding information story - cf service service-instance table display information for user provided services changed: status has been added to the table story Bug Fixes: - the CLI now properly handles escaped commas in the X-Cf-Warnings header Update to version 6.37.0: Enhancements - The api/cloudcontroller/ccv2 package has been updated with more functions #1343 - Now a warning appears if you are using a API version older than 2.69.0, which is no longer officially supported - Now the CLI reads the username and password from the environment variables #1358 Bug Fixes: - Fixes bug whereby X-Cf-Warnings were not being unescaped when displayed to user #1361 - When using CF_TRACE=1, passwords are now sanitized #1375 and tracker Update to version 6.36.0: Bug Fixes: - int64 support for cf/flags library, #1333 - Debian package, #1336 - Web action flag not working on CLI 0.6.5, #1337 - When a cf push upload fails/Consul is down, a panic occurs, #1340 and #1351 update to version 6.35.2: Bug Fixes: - Providing a clearer services authorization warning message when a service has been disabled for the organization, fixing #1344
Family:	unix	Class:	patch
Status:		Reference(s):	1103676 1118367 1118368 1129991 1132242 1138687 1143913 1144903 1152763 1153108 1153158 1153161 1153921 1166066 1166916 1172442 1172443 1172686 1172698 1172704 1172728 1173157 1173477 1173576 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1173937 1174139 1174157 1174633 1174635 1174638 1174955 1175465 1175478 1176430 1177155 1177943 1178890 1178891 935393 CVE-2015-3243 CVE-2017-18922 CVE-2018-1000223 CVE-2018-21247 CVE-2019-10215 CVE-2019-10220 CVE-2019-17133 CVE-2019-20839 CVE-2019-20840 CVE-2019-3695 CVE-2019-3696 CVE-2019-3781 CVE-2019-6471 CVE-2020-0034 CVE-2020-11080 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-15095 CVE-2020-15708 CVE-2020-25637 CVE-2020-27745 CVE-2020-27746 CVE-2020-7598 CVE-2020-8023 CVE-2020-8174 SUSE-SU-2018:1937-2 SUSE-SU-2018:3068-1 SUSE-SU-2019:1220-1 SUSE-SU-2019:2550-1 SUSE-SU-2020:0357-1 SUSE-SU-2020:1297-2 SUSE-SU-2020:1900-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2241-1 SUSE-SU-2020:2800-1 SUSE-SU-2020:3460-1 SUSE-SU-2020:3505-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for CAP 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gtk2-2.18.9-0.23 is installed OR gtk2-32bit-2.18.9-0.23 is installed OR gtk2-devel-2.18.9-0.23 is installed OR gtk2-lang-2.18.9-0.23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libtiff3-3.8.2-141.160 is installed OR libtiff3-32bit-3.8.2-141.160 is installed OR tiff-3.8.2-141.160 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libpython2_7-1_0-2.7.7-2 is installed OR libpython2_7-1_0-32bit-2.7.7-2 is installed OR python-base-2.7.7-2 is installed OR python-devel-2.7.7-2 is installed OR python-xml-2.7.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information e2fsprogs-1.42.11-7 is installed OR libcom_err2-1.42.11-7 is installed OR libcom_err2-32bit-1.42.11-7 is installed OR libext2fs2-1.42.11-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bash-4.3-78 is installed OR bash-doc-4.3-78 is installed OR bash-lang-4.3-78 is installed OR libreadline6-6.3-78 is installed OR libreadline6-32bit-6.3-78 is installed OR readline-doc-6.3-78 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information finch-2.12.0-3.3 is installed OR libpurple-2.12.0-3.3 is installed OR libpurple-branding-upstream-2.12.0-3.3 is installed OR libpurple-lang-2.12.0-3.3 is installed OR libpurple-plugin-sametime-2.12.0-3.3 is installed OR libpurple-tcl-2.12.0-3.3 is installed OR pidgin-2.12.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information libvpx-1.6.1-6.6 is installed OR vpx-tools-1.6.1-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for CAP 15 is installed AND cf-cli-6.43.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libSoundTouch0-1.8.0-3.3 is installed OR soundtouch-1.8.0-3.3 is installed OR soundtouch-devel-1.8.0-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed AND Package Information libpmi0-18.08.9-3.16 is installed OR libslurm33-18.08.9-3.16 is installed OR perl-slurm-18.08.9-3.16 is installed OR slurm-18.08.9-3.16 is installed OR slurm-auth-none-18.08.9-3.16 is installed OR slurm-config-18.08.9-3.16 is installed OR slurm-config-man-18.08.9-3.16 is installed OR slurm-devel-18.08.9-3.16 is installed OR slurm-doc-18.08.9-3.16 is installed OR slurm-lua-18.08.9-3.16 is installed OR slurm-munge-18.08.9-3.16 is installed OR slurm-node-18.08.9-3.16 is installed OR slurm-pam_slurm-18.08.9-3.16 is installed OR slurm-plugins-18.08.9-3.16 is installed OR slurm-slurmdbd-18.08.9-3.16 is installed OR slurm-sql-18.08.9-3.16 is installed OR slurm-sview-18.08.9-3.16 is installed OR slurm-torque-18.08.9-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.272-3.42 is installed OR java-1_8_0-openjdk-demo-1.8.0.272-3.42 is installed OR java-1_8_0-openjdk-devel-1.8.0.272-3.42 is installed OR java-1_8_0-openjdk-headless-1.8.0.272-3.42 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_17-default-5-2 is installed OR kernel-livepatch-SLE15_Update_10-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information openldap2-2.4.46-9.31 is installed OR openldap2-back-sock-2.4.46-9.31 is installed OR openldap2-back-sql-2.4.46-9.31 is installed OR openldap2-contrib-2.4.46-9.31 is installed OR openldap2-doc-2.4.46-9.31 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information rsyslog-8.33.1-3.3 is installed OR rsyslog-module-gssapi-8.33.1-3.3 is installed OR rsyslog-module-mysql-8.33.1-3.3 is installed OR rsyslog-module-pgsql-8.33.1-3.3 is installed OR rsyslog-module-relp-8.33.1-3.3 is installed OR rsyslog-module-snmp-8.33.1-3.3 is installed OR rsyslog-module-udpspoof-8.33.1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information bind-9.11.2-12.13 is installed OR bind-chrootenv-9.11.2-12.13 is installed OR bind-doc-9.11.2-12.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed AND Package Information nodejs8-8.17.0-10.3 is installed OR nodejs8-devel-8.17.0-10.3 is installed OR nodejs8-docs-8.17.0-10.3 is installed OR npm8-8.17.0-10.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information sysconfig-0.83.8-7 is installed OR sysconfig-netconfig-0.83.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-6-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND binutils-2.32-9.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180425-13.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND iputils-s20121221-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libpcp-devel-3.11.9-5.8 is installed OR libpcp3-3.11.9-5.8 is installed OR libpcp_gui2-3.11.9-5.8 is installed OR libpcp_import1-3.11.9-5.8 is installed OR libpcp_mmv1-3.11.9-5.8 is installed OR libpcp_trace2-3.11.9-5.8 is installed OR libpcp_web1-3.11.9-5.8 is installed OR pcp-3.11.9-5.8 is installed OR pcp-conf-3.11.9-5.8 is installed OR pcp-devel-3.11.9-5.8 is installed OR pcp-doc-3.11.9-5.8 is installed OR pcp-import-iostat2pcp-3.11.9-5.8 is installed OR pcp-import-mrtg2pcp-3.11.9-5.8 is installed OR pcp-import-sar2pcp-3.11.9-5.8 is installed OR perl-PCP-LogImport-3.11.9-5.8 is installed OR perl-PCP-LogSummary-3.11.9-5.8 is installed OR perl-PCP-MMV-3.11.9-5.8 is installed OR perl-PCP-PMDA-3.11.9-5.8 is installed OR python-pcp-3.11.9-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information xorg-x11-server-1.20.3-14.5 is installed OR xorg-x11-server-wayland-1.20.3-14.5 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-68.10.0-3.88 is installed OR MozillaThunderbird-translations-common-68.10.0-3.88 is installed OR MozillaThunderbird-translations-other-68.10.0-3.88 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openstack-glance-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-api-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-doc-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-glare-13.0.1~a0~dev6-4.3 is installed OR openstack-glance-registry-13.0.1~a0~dev6-4.3 is installed OR python-glance-13.0.1~a0~dev6-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed

BACK