Oval Definition:oval:org.opensuse.security:def:51386
Revision Date:2020-12-01Version:1
Title:Security update for libarchive (Moderate)
Description:



This update for libarchive fixes the following issues:

- CVE-2017-14501: An out-of-bounds read flaw existed in parse_file_info in archive_read_support_format_iso9660.c when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. (bsc#1059139) - CVE-2017-14502: read_header in archive_read_support_format_rar.c suffered from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. (bsc#1059134) - CVE-2017-14503: libarchive suffered from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. (bsc#1059100)


Family:unixClass:patch
Status:Reference(s):1046299
1046303
1046305
1050244
1050536
1050545
1051510
1055014
1055186
1059100
1059134
1059139
1061840
1061843
1064802
1065600
1065729
1066129
1066382
1071995
1073513
1077428
1082635
1083647
1085030
1086323
1087092
1089644
1090631
1093205
1096254
1097583
1097584
1097585
1097586
1097587
1097588
1098291
1101674
1106279
1109158
1111666
1112178
1113956
1113994
1114279
1117665
1119461
1119465
1123034
1123080
1130840
1131277
1133140
1133452
1134303
1134760
1135642
1135854
1135873
1135967
1137040
1137799
1137861
1138190
1139073
1140090
1140729
1140845
1140883
1141600
1142635
1142667
1143706
1144333
1144338
1144375
1144449
1144903
1145099
1146612
1148410
1148868
1149119
1149853
1150452
1150457
1150465
1150660
1150875
1151508
1151807
1151927
1152033
1152624
1152665
1152685
1152696
1152697
1152788
1152790
1152791
1153108
1153112
1153158
1153161
1153236
1153263
1153476
1153509
1153607
1153646
1153681
1153713
1153717
1153718
1153719
1153811
1153969
1154108
1154189
1154242
1154268
1154354
1154372
1154521
1154578
1154607
1154608
1154610
1154611
1154651
1154737
1154747
1154848
1154858
1154905
1154956
1155061
1155178
1155179
1155184
1155186
1155419
1155671
1158983
1159058
1159913
1160471
1161016
1162002
1162063
1163309
1165631
1166985
1167104
1168081
1168959
1169194
1169514
1169771
1169795
1170011
1170415
1170441
1170442
1170592
1170617
1170618
1171124
1171424
1171529
1171530
1171558
1171732
1171739
1171743
1171753
1171759
1171835
1171841
1171868
1171904
1172247
1172257
1172344
1172458
1172484
1172537
1172538
1172687
1172719
1172759
1172775
1172781
1172782
1172783
1172871
1172872
1172999
1173060
1173074
1173146
1173265
1173280
1173284
1173428
1173432
1173514
1173567
1173573
1173746
1173818
1173820
1173825
1173826
1173833
1173838
1173839
1173845
1173857
1174113
1174115
1174122
1174123
1174157
1174186
1174187
1174296
1174343
1174356
1174386
1174409
1174438
1174462
1174543
1174641
1174748
1174863
1175370
1175441
1176354
1176485
1176494
1176560
1176590
1176713
1176723
1177086
1177101
1177271
1177281
1177410
1177411
1177470
1177687
1177719
1177740
1177749
1177750
1177753
1177754
1177755
1177766
1177855
1177856
1177861
1178003
1178027
1178166
1178185
1178187
1178188
1178202
1178234
1178330
802154
814594
919448
987367
998153
CVE-2007-6600
CVE-2009-4034
CVE-2009-4136
CVE-2010-1169
CVE-2010-1170
CVE-2010-2761
CVE-2010-3433
CVE-2010-4410
CVE-2010-4411
CVE-2010-4777
CVE-2012-0866
CVE-2012-0867
CVE-2012-0868
CVE-2012-2143
CVE-2012-2655
CVE-2012-3488
CVE-2012-3489
CVE-2013-0255
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
CVE-2013-1988
CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
CVE-2014-6272
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-5288
CVE-2015-5289
CVE-2017-14501
CVE-2017-14502
CVE-2017-14503
CVE-2018-1000656
CVE-2018-12207
CVE-2019-10220
CVE-2019-11135
CVE-2019-15681
CVE-2019-15690
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16995
CVE-2019-17056
CVE-2019-17133
CVE-2019-17666
CVE-2019-20788
CVE-2019-20810
CVE-2019-20908
CVE-2019-5108
CVE-2019-9947
CVE-2020-0305
CVE-2020-0430
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10769
CVE-2020-10773
CVE-2020-10781
CVE-2020-12771
CVE-2020-12888
CVE-2020-13974
CVE-2020-14351
CVE-2020-14364
CVE-2020-14374
CVE-2020-14375
CVE-2020-14376
CVE-2020-14377
CVE-2020-14378
CVE-2020-14416
CVE-2020-14556
CVE-2020-14562
CVE-2020-14573
CVE-2020-14577
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-15393
CVE-2020-15780
CVE-2020-15863
CVE-2020-16092
CVE-2020-16120
CVE-2020-1749
CVE-2020-24352
CVE-2020-25285
CVE-2020-25656
CVE-2020-27673
CVE-2020-27675
CVE-2020-8694
SUSE-SU-2018:3571-1
SUSE-SU-2019:0657-1
SUSE-SU-2019:1352-2
SUSE-SU-2019:2947-1
SUSE-SU-2020:1164-1
SUSE-SU-2020:2103-1
SUSE-SU-2020:2143-1
SUSE-SU-2020:2767-1
SUSE-SU-2020:2877-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • kinit-5.45.0-lp150.1 is installed
  • OR kinit-lang-5.45.0-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND libotr2-3.2.0-10.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.540-0.23 is installed
  • OR flash-player-gnome-11.2.202.540-0.23 is installed
  • OR flash-player-kde4-11.2.202.540-0.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • gpg2-2.0.9-25.33.41 is installed
  • OR gpg2-lang-2.0.9-25.33.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • perl-5.18.2-3 is installed
  • OR perl-32bit-5.18.2-3 is installed
  • OR perl-base-5.18.2-3 is installed
  • OR perl-doc-5.18.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libXRes1-1.0.7-3 is installed
  • OR libXRes1-32bit-1.0.7-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gd-2.1.0-12 is installed
  • OR gd-32bit-2.1.0-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • curl-7.37.0-36 is installed
  • OR libcurl4-7.37.0-36 is installed
  • OR libcurl4-32bit-7.37.0-36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-8.7 is installed
  • OR cyrus-sasl-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-8.7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-8.7 is installed
  • OR cyrus-sasl-digestmd5-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-8.7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-plain-2.1.26-8.7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-8.7 is installed
  • OR libsasl2-3-2.1.26-8.7 is installed
  • OR libsasl2-3-32bit-2.1.26-8.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • python-Flask-0.12.4-3.3 is installed
  • OR python2-Flask-0.12.4-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • bsdtar-3.3.2-3.3 is installed
  • OR libarchive-3.3.2-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • python3-base-3.6.8-3.16 is installed
  • OR python3-tools-3.6.8-3.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_28-default-6-2 is installed
  • OR kernel-livepatch-SLE15_Update_8-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.26 is installed
  • OR kernel-default-livepatch-4.12.14-197.26 is installed
  • OR kernel-default-livepatch-devel-4.12.14-197.26 is installed
  • OR kernel-livepatch-4_12_14-197_26-default-1-3.5 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_7-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed
  • AND Package Information
  • kernel-azure-4.12.14-8.38 is installed
  • OR kernel-azure-base-4.12.14-8.38 is installed
  • OR kernel-azure-devel-4.12.14-8.38 is installed
  • OR kernel-devel-azure-4.12.14-8.38 is installed
  • OR kernel-source-azure-4.12.14-8.38 is installed
  • OR kernel-syms-azure-4.12.14-8.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • qemu-4.2.1-11.10 is installed
  • OR qemu-arm-4.2.1-11.10 is installed
  • OR qemu-audio-alsa-4.2.1-11.10 is installed
  • OR qemu-audio-pa-4.2.1-11.10 is installed
  • OR qemu-block-curl-4.2.1-11.10 is installed
  • OR qemu-block-iscsi-4.2.1-11.10 is installed
  • OR qemu-block-rbd-4.2.1-11.10 is installed
  • OR qemu-block-ssh-4.2.1-11.10 is installed
  • OR qemu-guest-agent-4.2.1-11.10 is installed
  • OR qemu-ipxe-1.0.0+-11.10 is installed
  • OR qemu-kvm-4.2.1-11.10 is installed
  • OR qemu-lang-4.2.1-11.10 is installed
  • OR qemu-microvm-4.2.1-11.10 is installed
  • OR qemu-ppc-4.2.1-11.10 is installed
  • OR qemu-s390-4.2.1-11.10 is installed
  • OR qemu-seabios-1.12.1+-11.10 is installed
  • OR qemu-sgabios-8-11.10 is installed
  • OR qemu-ui-curses-4.2.1-11.10 is installed
  • OR qemu-ui-gtk-4.2.1-11.10 is installed
  • OR qemu-ui-spice-app-4.2.1-11.10 is installed
  • OR qemu-vgabios-1.12.1+-11.10 is installed
  • OR qemu-x86-4.2.1-11.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • pam-modules-12.1-23 is installed
  • OR pam-modules-32bit-12.1-23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_48-default-3-2 is installed
  • OR kgraft-patch-3_12_74-60_64_48-xen-3-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_17-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libIlmImf-Imf_2_1-21-2.1.0-4 is installed
  • OR openexr-2.1.0-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • openslp-2.0.0-18.17 is installed
  • OR openslp-32bit-2.0.0-18.17 is installed
  • OR openslp-server-2.0.0-18.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bash-4.3-82 is installed
  • OR bash-doc-4.3-82 is installed
  • OR libreadline6-6.3-82 is installed
  • OR libreadline6-32bit-6.3-82 is installed
  • OR readline-doc-6.3-82 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_61-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libmodplug1-0.8.9.0+git20170610.f6dd59a-15.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • dpdk-18.11.9-3.25 is installed
  • OR dpdk-devel-18.11.9-3.25 is installed
  • OR dpdk-kmp-default-18.11.9_k4.12.14_150.58-3.25 is installed
  • OR dpdk-thunderx-18.11.9-3.25 is installed
  • OR dpdk-thunderx-devel-18.11.9-3.25 is installed
  • OR dpdk-thunderx-kmp-default-18.11.9_k4.12.14_150.58-3.25 is installed
  • OR dpdk-tools-18.11.9-3.25 is installed
  • OR libdpdk-18_11-18.11.9-3.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • java-11-openjdk-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-demo-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-devel-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-headless-11.0.8.0-3.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.14 is installed
  • OR libvncclient0-0.9.10-4.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • BACK