Oval Definition:oval:org.opensuse.security:def:51417
Revision Date:2020-12-01Version:1
Title:Security update for openldap2 (Moderate)
Description:

This update for openldap2 fixes the following issues:

Security issue fixed:

- CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption (bsc#1143194). - CVE-2019-13057: Fixed an issue with delegated database admin privileges (bsc#1143273). - CVE-2017-17740: When both the nops module and the member of overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. (bsc#1073313)

Non-security issues fixed:

- Fixed broken shebang line in openldap_update_modules_path.sh (bsc#1114845). - Create files in /var/lib/ldap/ during initial start to allow for transactional updates (bsc#1111388) - Fixed incorrect post script call causing tmpfiles creation not to be run (bsc#1111388).
Family:unixClass:patch
Status:Reference(s):1051510
1055014
1055186
1061843
1065600
1065729
1071995
1073313
1077428
1083647
1085030
1109911
1111388
1111666
1113956
1114279
1114845
1118338
1120386
1127532
1129923
1134760
1137325
1142685
1143194
1143273
1144903
1145051
1145929
1148868
1152489
1153108
1153158
1153161
1154661
1157424
1158983
1159037
1159198
1159199
1159973
1161561
1161951
1162171
1163102
1163103
1163104
1163403
1163897
1164284
1164777
1164780
1164893
1165019
1165182
1165185
1165211
1165823
1165949
1166780
1166860
1166861
1166862
1166864
1166866
1166867
1166868
1166870
1166940
1166982
1167005
1167216
1167288
1167290
1167316
1167421
1167423
1167627
1167629
1168075
1168202
1168273
1168276
1168295
1168367
1168424
1168443
1168486
1168552
1168760
1168762
1168763
1168764
1168765
1168829
1168854
1168881
1168884
1168952
1169013
1169057
1169307
1169308
1169390
1169512
1169514
1169625
1171252
1171254
1171746
1172437
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1174748
1174969
1175052
1175898
1176485
1176713
1176733
1177086
1177353
1177410
1177411
1177470
1177739
1177749
1177750
1177754
1177755
1177765
1177814
1177817
1177854
1177855
1177856
1177861
1178002
1178079
1178246
CVE-2006-7250
CVE-2008-5077
CVE-2009-0590
CVE-2009-0591
CVE-2009-0789
CVE-2009-1377
CVE-2009-1378
CVE-2009-1379
CVE-2009-1386
CVE-2009-1387
CVE-2009-3245
CVE-2009-3555
CVE-2009-4355
CVE-2009-5146
CVE-2010-0740
CVE-2010-0742
CVE-2010-1633
CVE-2010-2939
CVE-2010-3864
CVE-2010-4180
CVE-2010-4252
CVE-2010-5298
CVE-2011-0014
CVE-2011-1000
CVE-2011-1946
CVE-2011-3207
CVE-2011-3210
CVE-2011-4108
CVE-2011-4109
CVE-2011-4354
CVE-2011-4576
CVE-2011-4577
CVE-2011-4619
CVE-2011-5095
CVE-2012-0027
CVE-2012-0050
CVE-2012-0884
CVE-2012-1165
CVE-2012-2110
CVE-2012-2131
CVE-2012-2333
CVE-2012-2686
CVE-2012-4929
CVE-2013-0166
CVE-2013-0169
CVE-2013-1431
CVE-2013-4353
CVE-2013-6449
CVE-2013-6450
CVE-2014-0076
CVE-2014-0160
CVE-2014-0195
CVE-2014-0198
CVE-2014-0221
CVE-2014-0224
CVE-2014-3470
CVE-2014-3505
CVE-2014-3506
CVE-2014-3507
CVE-2014-3508
CVE-2014-3509
CVE-2014-3510
CVE-2014-3511
CVE-2014-3512
CVE-2014-3513
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
CVE-2014-3570
CVE-2014-3571
CVE-2014-3572
CVE-2014-5139
CVE-2014-8275
CVE-2015-0204
CVE-2015-0205
CVE-2015-0206
CVE-2015-0209
CVE-2015-0286
CVE-2015-0287
CVE-2015-0288
CVE-2015-0289
CVE-2015-0292
CVE-2015-0293
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
CVE-2015-3216
CVE-2015-4000
CVE-2017-17740
CVE-2017-18922
CVE-2018-1000199
CVE-2018-21247
CVE-2019-10220
CVE-2019-13057
CVE-2019-13565
CVE-2019-15604
CVE-2019-15605
CVE-2019-15606
CVE-2019-17133
CVE-2019-18218
CVE-2019-19770
CVE-2019-20839
CVE-2019-20840
CVE-2019-3701
CVE-2019-5737
CVE-2019-9458
CVE-2020-10757
CVE-2020-10942
CVE-2020-11494
CVE-2020-11669
CVE-2020-12653
CVE-2020-12654
CVE-2020-14351
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-16120
CVE-2020-25285
CVE-2020-26117
CVE-2020-8834
SUSE-SU-2019:0627-1
SUSE-SU-2019:2395-1
SUSE-SU-2020:0413-1
SUSE-SU-2020:0455-1
SUSE-SU-2020:1146-1
SUSE-SU-2020:1294-1
SUSE-SU-2020:1922-1
SUSE-SU-2020:2882-1
SUSE-SU-2020:3122-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libXv1-1.0.11-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libvirt-0.9.6-0.21 is installed
  • OR libvirt-client-0.9.6-0.21 is installed
  • OR libvirt-client-32bit-0.9.6-0.21 is installed
  • OR libvirt-doc-0.9.6-0.21 is installed
  • OR libvirt-python-0.9.6-0.21 is installed
  • OR virt-manager-0.9.0-3.19 is installed
  • OR vm-install-0.5.10-0.5 is installed
  • OR xen-4.1.2_20-0.5 is installed
  • OR xen-doc-html-4.1.2_20-0.5 is installed
  • OR xen-doc-pdf-4.1.2_20-0.5 is installed
  • OR xen-kmp-default-4.1.2_20_3.0.38_0.5-0.5 is installed
  • OR xen-kmp-trace-4.1.2_20_3.0.38_0.5-0.5 is installed
  • OR xen-libs-4.1.2_20-0.5 is installed
  • OR xen-libs-32bit-4.1.2_20-0.5 is installed
  • OR xen-tools-4.1.2_20-0.5 is installed
  • OR xen-tools-domU-4.1.2_20-0.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • kde4-kgreeter-plugins-4.3.5-0.12.18 is installed
  • OR kdebase4-wallpapers-4.3.5-0.11.18 is installed
  • OR kdebase4-workspace-4.3.5-0.12.18 is installed
  • OR kdebase4-workspace-ksysguardd-4.3.5-0.12.18 is installed
  • OR kdm-4.3.5-0.12.18 is installed
  • OR kwin-4.3.5-0.12.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libvdpau-0.4.1-16.20 is installed
  • OR libvdpau1-0.4.1-16.20 is installed
  • OR libvdpau1-32bit-0.4.1-16.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND telepathy-gabble-0.18.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libgnomesu-1.0.0-352 is installed
  • OR libgnomesu-lang-1.0.0-352 is installed
  • OR libgnomesu0-1.0.0-352 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • cups-1.7.5-12 is installed
  • OR cups-client-1.7.5-12 is installed
  • OR cups-libs-1.7.5-12 is installed
  • OR cups-libs-32bit-1.7.5-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND cifs-utils-6.5-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.22 is installed
  • OR libvncserver0-0.9.10-4.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • openldap2-2.4.46-9.19 is installed
  • OR openldap2-devel-32bit-2.4.46-9.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • kernel-docs-4.12.14-197.40 is installed
  • OR kernel-obs-build-4.12.14-197.40 is installed
  • OR kernel-source-4.12.14-197.40 is installed
  • OR kernel-syms-4.12.14-197.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_35-default-6-2 is installed
  • OR kernel-livepatch-SLE15_Update_14-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_7-default-5-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_2-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.34 is installed
  • OR kernel-default-livepatch-5.3.18-24.34 is installed
  • OR kernel-default-livepatch-devel-5.3.18-24.34 is installed
  • OR kernel-livepatch-5_3_18-24_34-default-1-5.3 is installed
  • OR kernel-livepatch-SLE15-SP2_Update_6-1-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-magic-5.32-7.8 is installed
  • OR python2-magic-5.32-7.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • nodejs10-10.15.2-1.6 is installed
  • OR nodejs10-devel-10.15.2-1.6 is installed
  • OR nodejs10-docs-10.15.2-1.6 is installed
  • OR npm10-10.15.2-1.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • rsyslog-8.4.0-8 is installed
  • OR rsyslog-diag-tools-8.4.0-8 is installed
  • OR rsyslog-doc-8.4.0-8 is installed
  • OR rsyslog-module-gssapi-8.4.0-8 is installed
  • OR rsyslog-module-gtls-8.4.0-8 is installed
  • OR rsyslog-module-mysql-8.4.0-8 is installed
  • OR rsyslog-module-pgsql-8.4.0-8 is installed
  • OR rsyslog-module-relp-8.4.0-8 is installed
  • OR rsyslog-module-snmp-8.4.0-8 is installed
  • OR rsyslog-module-udpspoof-8.4.0-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.48 is installed
  • OR kernel-default-base-3.12.74-60.64.48 is installed
  • OR kernel-default-devel-3.12.74-60.64.48 is installed
  • OR kernel-default-man-3.12.74-60.64.48 is installed
  • OR kernel-devel-3.12.74-60.64.48 is installed
  • OR kernel-macros-3.12.74-60.64.48 is installed
  • OR kernel-source-3.12.74-60.64.48 is installed
  • OR kernel-syms-3.12.74-60.64.48 is installed
  • OR kernel-xen-3.12.74-60.64.48 is installed
  • OR kernel-xen-base-3.12.74-60.64.48 is installed
  • OR kernel-xen-devel-3.12.74-60.64.48 is installed
  • OR kgraft-patch-3_12_74-60_64_48-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_48-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_17-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND yast2-smt-3.0.14-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache2-2.4.23-28 is installed
  • OR apache2-doc-2.4.23-28 is installed
  • OR apache2-example-pages-2.4.23-28 is installed
  • OR apache2-prefork-2.4.23-28 is installed
  • OR apache2-utils-2.4.23-28 is installed
  • OR apache2-worker-2.4.23-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • MozillaFirefox-60.4.0esr-109.55 is installed
  • OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed
  • OR libfreebl3-3.40.1-58.18 is installed
  • OR libfreebl3-32bit-3.40.1-58.18 is installed
  • OR libsoftokn3-3.40.1-58.18 is installed
  • OR libsoftokn3-32bit-3.40.1-58.18 is installed
  • OR mozilla-nspr-4.20-19.6 is installed
  • OR mozilla-nspr-32bit-4.20-19.6 is installed
  • OR mozilla-nss-3.40.1-58.18 is installed
  • OR mozilla-nss-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-certs-3.40.1-58.18 is installed
  • OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-sysinit-3.40.1-58.18 is installed
  • OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-tools-3.40.1-58.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.16 is installed
  • OR python3-base-3.4.6-25.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • nodejs10-10.19.0-1.18 is installed
  • OR nodejs10-devel-10.19.0-1.18 is installed
  • OR nodejs10-docs-10.19.0-1.18 is installed
  • OR npm10-10.19.0-1.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • libXvnc1-1.8.0-13.14 is installed
  • OR tigervnc-1.8.0-13.14 is installed
  • OR xorg-x11-Xvnc-1.8.0-13.14 is installed
  • OR xorg-x11-Xvnc-novnc-1.8.0-13.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND enigmail-2.1.5-3.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-glance-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-api-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-doc-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-glare-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-registry-13.0.1~a0~dev6-4.3 is installed
  • OR python-glance-13.0.1~a0~dev6-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Django-1.11.11-3.3 is installed
    • BACK