OVAL Reference oval:org.opensuse.security:def:51444

Oval Definition:

oval:org.opensuse.security:def:51444

Revision Date:	2020-12-01	Version:	1
Title:	Security update for git (Important)
Description:	This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787). - CVE-2019-19604: Fixed a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (bsc#1158795). - CVE-2019-1387: Fixed recursive clones that are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (bsc#1158793). - CVE-2019-1354: Fixed issue on Windows that refuses to write tracked files with filenames that contain backslashes (bsc#1158792). - CVE-2019-1353: Fixed issue when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (bsc#1158791). - CVE-2019-1352: Fixed issue on Windows was unaware of NTFS Alternate Data Streams (bsc#1158790). - CVE-2019-1351: Fixed issue on Windows mistakes drive letters outside of the US-English alphabet as relative paths (bsc#1158789). - CVE-2019-1350: Fixed incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (bsc#1158788). - CVE-2019-1348: Fixed the --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (bsc#1158785). - Fixes an issue where git send-email failed to authenticate with SMTP server (bsc#1082023) Bug fixes: - Add zlib dependency, which used to be provided by openssl-devel, so that package can compile successfully after openssl upgrade to 1.1.1. (bsc#1149792).
Family:	unix	Class:	patch
Status:		Reference(s):	1065600 1065729 1082023 1134689 1138034 1140683 1149792 1155798 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1160467 1160468 1163985 1165692 1168468 1170603 1170826 1171675 1171688 1172538 1173100 1173257 1173477 1173659 1173691 1173694 1173700 1173701 1173743 1173869 1173874 1173875 1173876 1173880 1173942 1173963 1174003 1174098 1174117 1174121 1174186 1174247 1174748 1175132 1175520 1175599 1175621 1175807 1176019 1176031 1176400 1176907 1176946 1176979 1177027 1177090 1177109 1177121 1177193 1177194 1177206 1177258 1177271 1177283 1177284 1177285 1177286 1177297 1177340 1177384 1177511 1177617 1177681 1177683 1177685 1177687 1177694 1177697 1177719 1177724 1177725 1177726 954532 CVE-2009-0035 CVE-2010-1205 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3464 CVE-2012-2396 CVE-2012-3386 CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2013-0176 CVE-2014-0017 CVE-2014-8132 CVE-2015-3146 CVE-2017-18922 CVE-2018-21247 CVE-2019-10130 CVE-2019-10164 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-16746 CVE-2019-19447 CVE-2019-19604 CVE-2019-20839 CVE-2019-20840 CVE-2019-9458 CVE-2020-11668 CVE-2020-12268 CVE-2020-12351 CVE-2020-12351 CVE-2020-12352 CVE-2020-12352 CVE-2020-13934 CVE-2020-13935 CVE-2020-14019 CVE-2020-14331 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-15780 CVE-2020-1720 CVE-2020-24490 CVE-2020-24553 CVE-2020-25641 CVE-2020-25643 CVE-2020-25645 CVE-2020-25645 SUSE-SU-2019:1810-1 SUSE-SU-2020:0045-1 SUSE-SU-2020:0204-1 SUSE-SU-2020:0589-1 SUSE-SU-2020:1220-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2046-1 SUSE-SU-2020:2109-1 SUSE-SU-2020:2513-1 SUSE-SU-2020:2776-1 SUSE-SU-2020:2972-1 SUSE-SU-2020:2980-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libgcrypt20-1.8.2-lp150.4 is installed OR libgcrypt20-32bit-1.8.2-lp150.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND libaugeas0-0.9.0-3.15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND rsync-3.0.4-2.49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information vorbis-tools-1.4.0-23 is installed OR vorbis-tools-lang-1.4.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND ft2demos-2.6.3-7.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information emacs-24.3-19 is installed OR emacs-info-24.3-19 is installed OR emacs-x11-24.3-19 is installed OR etags-24.3-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information postgresql10-10.9-4.13 is installed OR postgresql10-test-10.9-4.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information git-2.16.4-3.17 is installed OR git-arch-2.16.4-3.17 is installed OR git-cvs-2.16.4-3.17 is installed OR git-daemon-2.16.4-3.17 is installed OR git-doc-2.16.4-3.17 is installed OR git-email-2.16.4-3.17 is installed OR git-gui-2.16.4-3.17 is installed OR git-svn-2.16.4-3.17 is installed OR git-web-2.16.4-3.17 is installed OR gitk-2.16.4-3.17 is installed OR perl-Authen-SASL-2.16-1.3 is installed OR perl-Net-SMTP-SSL-1.04-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information go1.15-1.15.2-1.3 is installed OR go1.15-doc-1.15.2-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_47-default-6-2 is installed OR kernel-livepatch-SLE15_Update_17-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_29-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_8-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed AND Package Information python-rtslib-fb-2.1.73-3.3 is installed OR python2-rtslib-fb-2.1.73-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.36-4.41 is installed OR tomcat-admin-webapps-9.0.36-4.41 is installed OR tomcat-el-3_0-api-9.0.36-4.41 is installed OR tomcat-jsp-2_3-api-9.0.36-4.41 is installed OR tomcat-lib-9.0.36-4.41 is installed OR tomcat-servlet-4_0-api-9.0.36-4.41 is installed OR tomcat-webapps-9.0.36-4.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND w3m-0.5.3-153 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-3-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-3-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND dnsmasq-2.71-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libmysqlclient18-10.0.35-29.20 is installed OR libmysqlclient18-32bit-10.0.35-29.20 is installed OR mariadb-10.0.35-29.20 is installed OR mariadb-client-10.0.35-29.20 is installed OR mariadb-errormessages-10.0.35-29.20 is installed OR mariadb-tools-10.0.35-29.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_32-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bash-4.3-82 is installed OR bash-doc-4.3-82 is installed OR libreadline6-6.3-82 is installed OR libreadline6-32bit-6.3-82 is installed OR readline-doc-6.3-82 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND clamav-0.100.3-33.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libopenssl-devel-1.0.2j-60.39 is installed OR libopenssl1_0_0-1.0.2j-60.39 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed OR openssl-1.0.2j-60.39 is installed OR openssl-doc-1.0.2j-60.39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information ghostscript-9.52-3.27 is installed OR ghostscript-devel-9.52-3.27 is installed OR ghostscript-x11-9.52-3.27 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.29 is installed OR kernel-default-extra-5.3.18-24.29 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20180703-13.25 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information ardana-db-9.0+git.1572311426.a6dc2fd-3.13 is installed OR ardana-keystone-9.0+git.1573069087.15ffd1c-3.13 is installed OR ardana-neutron-9.0+git.1572019823.6650494-3.16 is installed OR ardana-nova-9.0+git.1572618171.4460843-3.13 is installed OR openstack-barbican-7.0.1~dev21-3.3 is installed OR openstack-barbican-api-7.0.1~dev21-3.3 is installed OR openstack-barbican-keystone-listener-7.0.1~dev21-3.3 is installed OR openstack-barbican-retry-7.0.1~dev21-3.3 is installed OR openstack-barbican-worker-7.0.1~dev21-3.3 is installed OR openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.3 is installed OR openstack-keystone-14.1.1~dev28-3.16 is installed OR openstack-neutron-13.0.6~dev8-3.16 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-gbp-5.0.1~dev476-3.13 is installed OR openstack-neutron-ha-tool-13.0.6~dev8-3.16 is installed OR openstack-neutron-l3-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-lbaas-13.0.1~dev16-3.13 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev16-3.13 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-metadata-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-metering-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev8-3.16 is installed OR openstack-neutron-server-13.0.6~dev8-3.16 is installed OR openstack-nova-18.2.4~dev22-3.16 is installed OR openstack-nova-api-18.2.4~dev22-3.16 is installed OR openstack-nova-cells-18.2.4~dev22-3.16 is installed OR openstack-nova-compute-18.2.4~dev22-3.16 is installed OR openstack-nova-conductor-18.2.4~dev22-3.16 is installed OR openstack-nova-console-18.2.4~dev22-3.16 is installed OR openstack-nova-novncproxy-18.2.4~dev22-3.16 is installed OR openstack-nova-placement-api-18.2.4~dev22-3.16 is installed OR openstack-nova-scheduler-18.2.4~dev22-3.16 is installed OR openstack-nova-serialproxy-18.2.4~dev22-3.16 is installed OR openstack-nova-vncproxy-18.2.4~dev22-3.16 is installed OR openstack-octavia-3.2.1~dev3-3.16 is installed OR openstack-octavia-amphora-agent-3.2.1~dev3-3.16 is installed OR openstack-octavia-api-3.2.1~dev3-3.16 is installed OR openstack-octavia-health-manager-3.2.1~dev3-3.16 is installed OR openstack-octavia-housekeeping-3.2.1~dev3-3.16 is installed OR openstack-octavia-worker-3.2.1~dev3-3.16 is installed OR openstack-sahara-9.0.2~dev14-3.6 is installed OR openstack-sahara-api-9.0.2~dev14-3.6 is installed OR openstack-sahara-engine-9.0.2~dev14-3.6 is installed OR python-barbican-7.0.1~dev21-3.3 is installed OR python-keystone-14.1.1~dev28-3.16 is installed OR python-neutron-13.0.6~dev8-3.16 is installed OR python-neutron-gbp-5.0.1~dev476-3.13 is installed OR python-neutron-lbaas-13.0.1~dev16-3.13 is installed OR python-nova-18.2.4~dev22-3.16 is installed OR python-octavia-3.2.1~dev3-3.16 is installed OR python-psutil-5.4.6-3.3 is installed OR python-sahara-9.0.2~dev14-3.6 is installed OR release-notes-suse-openstack-cloud-9.20191025-3.15 is installed OR venv-openstack-barbican-7.0.1~dev21-3.13 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev21-3.13 is installed OR venv-openstack-cinder-13.0.8~dev8-3.13 is installed OR venv-openstack-cinder-x86_64-13.0.8~dev8-3.13 is installed OR venv-openstack-designate-7.0.1~dev22-3.13 is installed OR venv-openstack-designate-x86_64-7.0.1~dev22-3.13 is installed OR venv-openstack-heat-11.0.3~dev23-3.13 is installed OR venv-openstack-heat-x86_64-11.0.3~dev23-3.13 is installed OR venv-openstack-keystone-14.1.1~dev28-3.13 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev28-3.13 is installed OR venv-openstack-magnum-7.1.1~dev28-4.13 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.13 is installed OR venv-openstack-manila-7.3.1~dev15-3.13 is installed OR venv-openstack-manila-x86_64-7.3.1~dev15-3.13 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.13 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.13 is installed OR venv-openstack-neutron-13.0.6~dev8-6.13 is installed OR venv-openstack-neutron-x86_64-13.0.6~dev8-6.13 is installed OR venv-openstack-nova-18.2.4~dev22-3.13 is installed OR venv-openstack-nova-x86_64-18.2.4~dev22-3.13 is installed OR venv-openstack-octavia-3.2.1~dev3-4.13 is installed OR venv-openstack-octavia-x86_64-3.2.1~dev3-4.13 is installed OR venv-openstack-sahara-9.0.2~dev14-3.13 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev14-3.13 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.3-11.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.6 is installed

BACK