OVAL Reference oval:org.opensuse.security:def:51376

Oval Definition:

oval:org.opensuse.security:def:51376

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libzypp, zypper (Important)
Description:	This update for libzypp, zypper, libsolv provides the following fixes: Security fixes in libzypp: - CVE-2018-7685: PackageProvider: Validate RPMs before caching (bsc#1091624, bsc#1088705) - CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) Changes in libzypp: - Update to version 17.6.4 - Automatically fetch repository signing key from gpgkey url (bsc#1088037) - lsof: use '-K i' if lsof supports it (bsc#1099847,bsc#1036304) - Check for not imported keys after multi key import from rpmdb (bsc#1096217) - Flags: make it std=c++14 ready - Ignore /var, /tmp and /proc in zypper ps. (bsc#1096617) - Show GPGME version in log - Adapt to changes in libgpgme11-11.1.0 breaking the signature verification (bsc#1100427) - RepoInfo::provideKey: add report telling where we look for missing keys. - Support listing gpgkey URLs in repo files (bsc#1088037) - Add new report to request user approval for importing a package key - Handle http error 502 Bad Gateway in curl backend (bsc#1070851) - Add filesize check for downloads with known size (bsc#408814) - Removed superfluous space in translation (bsc#1102019) - Prevent the system from sleeping during a commit - RepoManager: Explicitly request repo2solv to generate application pseudo packages. - libzypp-devel should not require cmake (bsc#1101349) - Avoid zombies from ExternalProgram - Update ApiConfig - HardLocksFile: Prevent against empty commit without Target having been been loaded (bsc#1096803) - lsof: use '-K i' if lsof supports it (bsc#1099847) - Add filesize check for downloads with known size (bsc#408814) - Fix detection of metalink downloads and prevent aborting if a metalink file is larger than the expected data file. - Require libsolv-devel >= 0.6.35 during build (fixing bsc#1100095) - Make use of %license macro (bsc#1082318) Security fix in zypper: - CVE-2017-9269: Improve signature check callback messages (bsc#1045735) Changes in zypper: - Always set error status if any nr of unknown repositories are passed to lr and ref (bsc#1093103) - Notify user about unsupported rpm V3 keys in an old rpm database (bsc#1096217) - Detect read only filesystem on system modifying operations (fixes #199) - Use %license (bsc#1082318) - Handle repo aliases containing multiple ':' in the PackageArgs parser (bsc #1041178) - Fix broken display of detailed query results. - Fix broken search for items with a dash. (bsc#907538, bsc#1043166, bsc#1070770) - Disable repository operations when searching installed packages. (bsc#1084525) - Prevent nested calls to exit() if aborted by a signal. (bsc#1092413) - ansi.h: Prevent ESC sequence strings from going out of scope. (bsc#1092413) - Fix some translation errors. - Support listing gpgkey URLs in repo files (bsc#1088037) - Check for root privileges in zypper verify and si (bsc#1058515) - XML attribute `packages-to-change` added (bsc#1102429) - Add expert (allow-*) options to all installer commands (bsc#428822) - Sort search results by multiple columns (bsc#1066215) - man: Strengthen that `--config FILE' affects zypper.conf, not zypp.conf (bsc#1100028) - Set error status if repositories passed to lr and ref are not known (bsc#1093103) - Do not override table style in search - Fix out of bound read in MbsIterator - Add --supplements switch to search and info - Add setter functions for zypp cache related config values to ZConfig Changes in libsolv: - convert repo2solv.sh script into a binary tool - Make use of %license macro (bsc#1082318)
Family:	unix	Class:	patch
Status:		Reference(s):	1013712 1036304 1041178 1043166 1045735 1051510 1055117 1058515 1065729 1066215 1070770 1070851 1071995 1082318 1083647 1083710 1084525 1088037 1088047 1088705 1091624 1091942 1092413 1093103 1094555 1096217 1096617 1096803 1098633 1099847 1100028 1100095 1100427 1101349 1102019 1102429 1103990 1103991 1103992 1104745 1106383 1109837 1111666 1112374 1114279 1114685 1119113 1119222 1119532 1120423 1123080 1125703 1127034 1127315 1127611 1128432 1128902 1129770 1130836 1132390 1133021 1133401 1133738 1134090 1134097 1134390 1134395 1134399 1134730 1134738 1135153 1135296 1135335 1135556 1135642 1135897 1136156 1136157 1136161 1136217 1136264 1136271 1136333 1136342 1136343 1136345 1136348 1136460 1136461 1136462 1136467 1137103 1137194 1137224 1137366 1137429 1137458 1137534 1137535 1137584 1137586 1137609 1137625 1137728 1137811 1137827 1137884 1137985 1138263 1138291 1138293 1138336 1138374 1138375 1138589 1138681 1138719 1138732 1138874 1138879 1139358 1139619 1139712 1139751 1139771 1139865 1140133 1140139 1140228 1140322 1140328 1140405 1140424 1140428 1140454 1140463 1140559 1140575 1140577 1140637 1140652 1140658 1140676 1140683 1140715 1140719 1140726 1140727 1140728 1140814 1140887 1140888 1140889 1140891 1140893 1140903 1140945 1140948 1140954 1140955 1140956 1140957 1140958 1140959 1140960 1140961 1140962 1140964 1140971 1140972 1140992 1141312 1141401 1141402 1141452 1141453 1141454 1141478 1141558 1142023 1142052 1142083 1142112 1142115 1142119 1142220 1142221 1142265 1142350 1142351 1142354 1142359 1142450 1142623 1142673 1142701 1142868 1143003 1143105 1143185 1143189 1143191 1143209 1143507 1149841 1151021 1154063 1156402 1172356 1172538 1173580 1174543 1174748 1175520 1175992 1176012 1176072 1176382 1176400 1176896 1176946 1177027 1177340 1177511 1177685 1177724 1177725 408814 428822 907538 CVE-2009-0159 CVE-2009-1252 CVE-2011-0460 CVE-2013-1989 CVE-2013-1990 CVE-2013-1999 CVE-2013-2066 CVE-2013-5211 CVE-2016-9798 CVE-2017-9269 CVE-2018-10689 CVE-2018-16871 CVE-2018-20836 CVE-2018-20855 CVE-2018-7685 CVE-2019-10638 CVE-2019-10639 CVE-2019-1125 CVE-2019-11478 CVE-2019-11599 CVE-2019-11810 CVE-2019-12614 CVE-2019-12817 CVE-2019-12818 CVE-2019-12819 CVE-2019-13233 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-14835 CVE-2019-2201 CVE-2020-0431 CVE-2020-12351 CVE-2020-12352 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 CVE-2020-25645 CVE-2020-4044 SUSE-SU-2018:2690-1 SUSE-SU-2019:0919-1 SUSE-SU-2019:2069-1 SUSE-SU-2019:2971-1 SUSE-SU-2019:3046-1 SUSE-SU-2020:1933-1 SUSE-SU-2020:2160-1 SUSE-SU-2020:2583-1 SUSE-SU-2020:2972-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND iputils-s20161105-lp150.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information kernel-default-3.0.101-0.7.17 is installed OR kernel-default-base-3.0.101-0.7.17 is installed OR kernel-default-devel-3.0.101-0.7.17 is installed OR kernel-default-extra-3.0.101-0.7.17 is installed OR kernel-pae-3.0.101-0.7.17 is installed OR kernel-pae-base-3.0.101-0.7.17 is installed OR kernel-pae-devel-3.0.101-0.7.17 is installed OR kernel-pae-extra-3.0.101-0.7.17 is installed OR kernel-source-3.0.101-0.7.17 is installed OR kernel-syms-3.0.101-0.7.17 is installed OR kernel-trace-3.0.101-0.7.17 is installed OR kernel-trace-base-3.0.101-0.7.17 is installed OR kernel-trace-devel-3.0.101-0.7.17 is installed OR kernel-trace-extra-3.0.101-0.7.17 is installed OR kernel-xen-3.0.101-0.7.17 is installed OR kernel-xen-base-3.0.101-0.7.17 is installed OR kernel-xen-devel-3.0.101-0.7.17 is installed OR kernel-xen-extra-3.0.101-0.7.17 is installed OR xen-kmp-default-4.1.6_04_3.0.101_0.7.17-0.5 is installed OR xen-kmp-pae-4.1.6_04_3.0.101_0.7.17-0.5 is installed OR xen-kmp-trace-4.1.6_04_3.0.101_0.7.17-0.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.2.0esr-0.7 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.2.0esr-0.7 is installed OR libfreebl3-3.15.3.1-0.7 is installed OR libfreebl3-32bit-3.15.3.1-0.7 is installed OR libsoftokn3-3.15.3.1-0.7 is installed OR libsoftokn3-32bit-3.15.3.1-0.7 is installed OR mozilla-nss-3.15.3.1-0.7 is installed OR mozilla-nss-32bit-3.15.3.1-0.7 is installed OR mozilla-nss-tools-3.15.3.1-0.7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.559-0.32 is installed OR flash-player-gnome-11.2.202.559-0.32 is installed OR flash-player-kde4-11.2.202.559-0.32 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information ntp-4.2.6p5-24 is installed OR ntp-doc-4.2.6p5-24 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND kbd-1.15.5-8.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information evince-3.20.1-5 is installed OR evince-browser-plugin-3.20.1-5 is installed OR evince-lang-3.20.1-5 is installed OR evince-plugin-djvudocument-3.20.1-5 is installed OR evince-plugin-dvidocument-3.20.1-5 is installed OR evince-plugin-pdfdocument-3.20.1-5 is installed OR evince-plugin-psdocument-3.20.1-5 is installed OR evince-plugin-tiffdocument-3.20.1-5 is installed OR evince-plugin-xpsdocument-3.20.1-5 is installed OR libevdocument3-4-3.20.1-5 is installed OR libevview3-3-3.20.1-5 is installed OR nautilus-evince-3.20.1-5 is installed OR typelib-1_0-EvinceDocument-3_0-3.20.1-5 is installed OR typelib-1_0-EvinceView-3_0-3.20.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND coolkey-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information cpio-2.11-36.3 is installed OR cpio-lang-2.11-36.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND libjpeg-turbo-1.5.3-5.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information libsolv-0.6.35-3.5 is installed OR perl-solv-0.6.35-3.5 is installed OR python3-solv-0.6.35-3.5 is installed OR ruby-solv-0.6.35-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_25-default-6-2 is installed OR kernel-livepatch-SLE15_Update_7-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_15-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_4-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.13 is installed OR kernel-azure-base-4.12.14-8.13 is installed OR kernel-azure-devel-4.12.14-8.13 is installed OR kernel-devel-azure-4.12.14-8.13 is installed OR kernel-source-azure-4.12.14-8.13 is installed OR kernel-syms-azure-4.12.14-8.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information xen-4.13.1_06-3.7 is installed OR xen-devel-4.13.1_06-3.7 is installed OR xen-tools-4.13.1_06-3.7 is installed OR xen-tools-xendomains-wait-disk-4.13.1_06-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ntp-4.2.8p4-1 is installed OR ntp-doc-4.2.8p4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information postgresql94-9.4.13-21.5 is installed OR postgresql94-contrib-9.4.13-21.5 is installed OR postgresql94-docs-9.4.13-21.5 is installed OR postgresql94-server-9.4.13-21.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.50-28 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.50-28 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.50-28 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.50-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libXcursor-1.1.14-4.6 is installed OR libXcursor1-1.1.14-4.6 is installed OR libXcursor1-32bit-1.1.14-4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libksba8-1.3.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information avahi-0.6.32-5.8 is installed OR avahi-compat-howl-devel-0.6.32-5.8 is installed OR avahi-compat-mDNSResponder-devel-0.6.32-5.8 is installed OR avahi-glib2-0.6.32-5.8 is installed OR avahi-lang-0.6.32-5.8 is installed OR avahi-utils-0.6.32-5.8 is installed OR libavahi-client3-0.6.32-5.8 is installed OR libavahi-client3-32bit-0.6.32-5.8 is installed OR libavahi-common3-0.6.32-5.8 is installed OR libavahi-common3-32bit-0.6.32-5.8 is installed OR libavahi-core7-0.6.32-5.8 is installed OR libavahi-devel-0.6.32-5.8 is installed OR libavahi-glib-devel-0.6.32-5.8 is installed OR libavahi-glib1-0.6.32-5.8 is installed OR libavahi-gobject0-0.6.32-5.8 is installed OR libavahi-ui-gtk3-0-0.6.32-5.8 is installed OR libavahi-ui0-0.6.32-5.8 is installed OR libdns_sd-0.6.32-5.8 is installed OR libhowl0-0.6.32-5.8 is installed OR typelib-1_0-Avahi-0_6-0.6.32-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libpainter0-0.9.6-4.8 is installed OR librfxencode0-0.9.6-4.8 is installed OR xrdp-0.9.6-4.8 is installed OR xrdp-devel-0.9.6-4.8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information bluez-5.48-5.19 is installed OR bluez-cups-5.48-5.19 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed

BACK