Oval Definition:	oval:org.opensuse.security:def:51430
Revision Date: 2020-12-01 Version: 1 Title: Security update for libarchive (Moderate) Description: This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder (bsc#1120653). - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder (bsc#1120654). - CVE-2019-1000019: Fixed an Out-Of-Bounds Read vulnerability in 7zip decompression (bsc#1124341). - CVE-2019-1000020: Fixed an Infinite Loop vulnerability in ISO9660 parser (bsc#1124342). - CVE-2019-18408: Fixed a use-after-free in RAR format support (bsc#1155079). Family: unix Class: patch Status: Reference(s): 1050305 1051510 1065600 1065729 1071995 1083647 1085030 1088263 1091606 1094779 1095601 1095639 1096360 1098891 1103203 1104876 1109911 1111666 1113956 1114279 1118338 1120386 1120653 1120654 1124341 1124342 1135114 1137325 1142685 1145051 1145929 1146657 1148868 1154804 1154805 1155079 1155198 1155205 1155298 1155678 1155819 1156158 1157377 1157424 1158763 1158983 1159037 1159198 1159199 1159670 1160467 1160468 1161561 1161951 1162171 1163403 1163897 1164284 1164777 1164780 1164893 1165019 1165182 1165185 1165211 1165823 1165949 1166780 1166860 1166861 1166862 1166864 1166866 1166867 1166868 1166870 1166940 1166982 1167005 1167216 1167288 1167290 1167316 1167421 1167423 1167627 1167629 1168075 1168202 1168273 1168276 1168295 1168367 1168424 1168443 1168486 1168552 1168760 1168762 1168763 1168764 1168765 1168829 1168854 1168881 1168884 1168930 1168952 1169013 1169057 1169307 1169308 1169390 1169514 1169625 1173674 1173703 1175987 1176024 1176179 1176294 1176397 1177867 1178319 1178361 1178362 1178485 CVE-2009-0945 CVE-2011-3193 CVE-2011-3922 CVE-2012-0037 CVE-2012-4929 CVE-2012-6093 CVE-2013-0254 CVE-2013-4549 CVE-2014-0190 CVE-2014-4607 CVE-2014-4910 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2018-1000877 CVE-2018-1000878 CVE-2018-10583 CVE-2019-1000019 CVE-2019-1000020 CVE-2019-10086 CVE-2019-14896 CVE-2019-14897 CVE-2019-18408 CVE-2019-18900 CVE-2019-19770 CVE-2019-3701 CVE-2019-9458 CVE-2020-10942 CVE-2020-11494 CVE-2020-11669 CVE-2020-15503 CVE-2020-16846 CVE-2020-17490 CVE-2020-24977 CVE-2020-25592 CVE-2020-5260 CVE-2020-8834 SUSE-SU-2018:3683-1 SUSE-SU-2019:2245-1 SUSE-SU-2019:3093-1 SUSE-SU-2020:0204-1 SUSE-SU-2020:0432-1 SUSE-SU-2020:0991-1 SUSE-SU-2020:1146-1 SUSE-SU-2020:2025-1 SUSE-SU-2020:2029-1 SUSE-SU-2020:2612-1 SUSE-SU-2020:3244-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libcairo-gobject2-1.15.10-lp150.2 is installed OR libcairo2-1.15.10-lp150.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXt-7.4-1.19 is installed OR xorg-x11-libXt-32bit-7.4-1.19 is installed OR xorg-x11-libXt-devel-7.4-1.19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information krb5-1.6.3-133.49.66 is installed OR krb5-32bit-1.6.3-133.49.66 is installed OR krb5-client-1.6.3-133.49.66 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libmysql55client18-5.5.47-0.17 is installed OR libmysql55client18-32bit-5.5.47-0.17 is installed OR libmysql55client_r18-5.5.47-0.17 is installed OR libmysql55client_r18-32bit-5.5.47-0.17 is installed OR mysql-5.5.47-0.17 is installed OR mysql-client-5.5.47-0.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND xf86-video-intel-2.99.914-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information liblzo2-2-2.08-1 is installed OR liblzo2-2-32bit-2.08-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information e2fsprogs-1.42.11-7 is installed OR libcom_err2-1.42.11-7 is installed OR libcom_err2-32bit-1.42.11-7 is installed OR libext2fs2-1.42.11-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information curl-7.37.0-36 is installed OR libcurl4-7.37.0-36 is installed OR libcurl4-32bit-7.37.0-36 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND autofs-5.0.9-28.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information libxmlsec1-gcrypt1-1.2.26-3.3 is installed OR libxmlsec1-gnutls1-1.2.26-3.3 is installed OR libxmlsec1-openssl1-1.2.26-3.3 is installed OR xmlsec1-1.2.26-3.3 is installed OR xmlsec1-gnutls-devel-1.2.26-3.3 is installed OR xmlsec1-openssl-devel-1.2.26-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information libsolv-0.7.10-3.13 is installed OR python-solv-0.7.10-3.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information bsdtar-3.3.2-3.11 is installed OR libarchive-3.3.2-3.11 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND perl-YAML-LibYAML-0.69-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_47-default-2-2 is installed OR kernel-livepatch-SLE15_Update_17-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.40 is installed OR kernel-default-livepatch-4.12.14-197.40 is installed OR kernel-default-livepatch-devel-4.12.14-197.40 is installed OR kernel-livepatch-4_12_14-197_40-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_11-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-libxml2-python-2.9.7-3.25 is installed OR python2-libxml2-python-2.9.7-3.25 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND apache-commons-beanutils-1.9.2-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information sysconfig-0.83.8-7 is installed OR sysconfig-netconfig-0.83.8-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-4-3 is installed OR kgraft-patch-3_12_69-60_64_32-xen-4-3 is installed OR kgraft-patch-SLE12-SP1_Update_13-4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR gcc48-locale-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-default-man-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ImageMagick-6.8.8.1-71.74 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.74 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.74 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information git-2.16.4-3.20 is installed OR git-arch-2.16.4-3.20 is installed OR git-core-2.16.4-3.20 is installed OR git-cvs-2.16.4-3.20 is installed OR git-daemon-2.16.4-3.20 is installed OR git-doc-2.16.4-3.20 is installed OR git-email-2.16.4-3.20 is installed OR git-gui-2.16.4-3.20 is installed OR git-svn-2.16.4-3.20 is installed OR git-web-2.16.4-3.20 is installed OR gitk-2.16.4-3.20 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information python2-salt-3000-5.91 is installed OR python3-salt-3000-5.91 is installed OR salt-3000-5.91 is installed OR salt-api-3000-5.91 is installed OR salt-bash-completion-3000-5.91 is installed OR salt-cloud-3000-5.91 is installed OR salt-doc-3000-5.91 is installed OR salt-fish-completion-3000-5.91 is installed OR salt-master-3000-5.91 is installed OR salt-minion-3000-5.91 is installed OR salt-proxy-3000-5.91 is installed OR salt-ssh-3000-5.91 is installed OR salt-standalone-formulas-configuration-3000-5.91 is installed OR salt-syndic-3000-5.91 is installed OR salt-zsh-completion-3000-5.91 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libraw-0.18.9-3.11 is installed OR libraw-devel-0.18.9-3.11 is installed OR libraw16-0.18.9-3.11 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.20-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
BACK