| Revision Date: | 2021-11-17 | Version: | 1 |
| Title: | Security update for libarchive (Moderate) |
| Description: |
This update for libarchive fixes the following issues:
- CVE-2019-19221: Fixed out-of-bounds read caused by incorrect mbrtowc or mbtowc call (bsc#1157569)
- backporting symlink security fixes from 3.5.2: - extracting with ACLs modifies ACLs of target (bsc#1192425) - modifies file flags of target (bsc#1192426) - avoid follow on fixup entries (bsc#1192427)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1157569
1170643
1171863
1171864
1171866
1172348
1192425
1192426
1192427
CVE-2006-7250
CVE-2008-5077
CVE-2009-0590
CVE-2009-0591
CVE-2009-0789
CVE-2009-0945
CVE-2009-1377
CVE-2009-1378
CVE-2009-1379
CVE-2009-1386
CVE-2009-1387
CVE-2009-1720
CVE-2009-1721
CVE-2009-1886
CVE-2009-1888
CVE-2009-2285
CVE-2009-2347
CVE-2009-2624
CVE-2009-2813
CVE-2009-2906
CVE-2009-2948
CVE-2010-0001
CVE-2010-0547
CVE-2010-0728
CVE-2010-0740
CVE-2010-0742
CVE-2010-0787
CVE-2010-1172
CVE-2010-1205
CVE-2010-1633
CVE-2010-2065
CVE-2010-2067
CVE-2010-2233
CVE-2010-2240
CVE-2010-2939
CVE-2010-3864
CVE-2010-4665
CVE-2010-5298
CVE-2011-0014
CVE-2011-0192
CVE-2011-0460
CVE-2011-1167
CVE-2011-2501
CVE-2011-2690
CVE-2011-2691
CVE-2011-2692
CVE-2011-3026
CVE-2011-3048
CVE-2011-3193
CVE-2011-3207
CVE-2011-3210
CVE-2011-3328
CVE-2011-3464
CVE-2011-3922
CVE-2011-4108
CVE-2011-4576
CVE-2011-4577
CVE-2011-4619
CVE-2012-0027
CVE-2012-0050
CVE-2012-0786
CVE-2012-0884
CVE-2012-1165
CVE-2012-1173
CVE-2012-1586
CVE-2012-2110
CVE-2012-2113
CVE-2012-2686
CVE-2012-3386
CVE-2012-3401
CVE-2012-4564
CVE-2012-4929
CVE-2012-4929
CVE-2012-6093
CVE-2013-0166
CVE-2013-0169
CVE-2013-0254
CVE-2013-0292
CVE-2013-1940
CVE-2013-1960
CVE-2013-1961
CVE-2013-2062
CVE-2013-4231
CVE-2013-4232
CVE-2013-4243
CVE-2013-4244
CVE-2013-4353
CVE-2013-4396
CVE-2013-4549
CVE-2013-6424
CVE-2013-6449
CVE-2013-6450
CVE-2014-0076
CVE-2014-0160
CVE-2014-0190
CVE-2014-0195
CVE-2014-0198
CVE-2014-0221
CVE-2014-0224
CVE-2014-3470
CVE-2014-3505
CVE-2014-3506
CVE-2014-3507
CVE-2014-3508
CVE-2014-3509
CVE-2014-3510
CVE-2014-3511
CVE-2014-3512
CVE-2014-5139
CVE-2014-8137
CVE-2014-8138
CVE-2014-8157
CVE-2014-8158
CVE-2014-9029
CVE-2015-0295
CVE-2015-1858
CVE-2015-1859
CVE-2015-1860
CVE-2019-19221
CVE-2020-10543
CVE-2020-10878
CVE-2020-12723
CVE-2020-3899
SUSE-SU-2020:1198-1
SUSE-SU-2020:1682-1
SUSE-SU-2021:3722-1
|
| Platform(s): | openSUSE 13.1
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE OpenStack Cloud 5
| Product(s): | |
| Definition Synopsis |
| SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information
python-glanceclient-0.15.0-3.1 is installed
OR python-keystoneclient-1.0.0-19.1 is installed
OR python-keystoneclient-doc-1.0.0-19.1 is installed
OR python-keystonemiddleware-1.2.0-4.1 is installed
OR python-novaclient-2.20.0-6.1 is installed
OR python-novaclient-doc-2.20.0-6.1 is installed
OR python-swiftclient-2.3.1-3.1 is installed
OR python-swiftclient-doc-2.3.1-3.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP2 is installed
AND Package Information
cups-1.3.9-8.46.48.1 is installed
OR cups-client-1.3.9-8.46.48.1 is installed
OR cups-libs-1.3.9-8.46.48.1 is installed
OR cups-libs-32bit-1.3.9-8.46.48.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
MozillaFirefox-24.8.0esr-0.8.1 is installed
OR MozillaFirefox-translations-24.8.0esr-0.8.1 is installed
OR libfreebl3-3.16.4-0.8.1 is installed
OR libfreebl3-32bit-3.16.4-0.8.1 is installed
OR libsoftokn3-3.16.4-0.8.1 is installed
OR libsoftokn3-32bit-3.16.4-0.8.1 is installed
OR mozilla-nspr-4.10.7-0.3.1 is installed
OR mozilla-nspr-32bit-4.10.7-0.3.1 is installed
OR mozilla-nss-3.16.4-0.8.1 is installed
OR mozilla-nss-32bit-3.16.4-0.8.1 is installed
OR mozilla-nss-tools-3.16.4-0.8.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 is installed
AND gzip-1.6-7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed
AND cifs-utils-6.4-6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed
AND Package Information
bind-libs-9.9.9P1-46 is installed
OR bind-libs-32bit-9.9.9P1-46 is installed
OR bind-utils-9.9.9P1-46 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP3 is installed
AND binutils-2.26.1-9.12 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
gpgme-1.5.1-1 is installed
OR libgpgme11-1.5.1-1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP2 is installed
AND ctdb-4.4.2-29 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP3 is installed
AND conntrack-tools-1.4.2-5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP4 is installed
AND Package Information
cluster-md-kmp-default-4.12.14-94.41 is installed
OR dlm-kmp-default-4.12.14-94.41 is installed
OR gfs2-kmp-default-4.12.14-94.41 is installed
OR ocfs2-kmp-default-4.12.14-94.41 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP5 is installed
AND Package Information
cluster-md-kmp-default-4.12.14-120 is installed
OR dlm-kmp-default-4.12.14-120 is installed
OR gfs2-kmp-default-4.12.14-120 is installed
OR ocfs2-kmp-default-4.12.14-120 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
AND Package Information
apache-commons-daemon-1.0.15-6 is installed
OR apache-commons-daemon-javadoc-1.0.15-6 is installed
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed
AND
libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed
OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed
OR libwebkit2gtk3-lang-2.28.2-3.54 is installed
OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed
OR webkit2gtk3-2.28.2-3.54 is installed
OR webkit2gtk3-devel-2.28.2-3.54 is installed
OR Package Information
SUSE Linux Enterprise High Performance Computing 15-LTSS is installed
AND
libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed
OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed
OR libwebkit2gtk3-lang-2.28.2-3.54 is installed
OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed
OR webkit2gtk3-2.28.2-3.54 is installed
OR webkit2gtk3-devel-2.28.2-3.54 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Live Patching 12 is installed
AND Package Information
kgraft-patch-3_12_39-47-default-1-2 is installed
OR kgraft-patch-3_12_39-47-xen-1-2 is installed
OR kgraft-patch-SLE12_Update_4-1-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Live Patching 12 SP3 is installed
AND Package Information
kgraft-patch-4_4_82-6_3-default-3-2.1 is installed
OR kgraft-patch-SLE12-SP3_Update_1-3-2.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
AND Package Information
salt-2016.11.4-46.7.1 is installed
OR salt-api-2016.11.4-46.7.1 is installed
OR salt-bash-completion-2016.11.4-46.7.1 is installed
OR salt-cloud-2016.11.4-46.7.1 is installed
OR salt-doc-2016.11.4-46.7.1 is installed
OR salt-master-2016.11.4-46.7.1 is installed
OR salt-minion-2016.11.4-46.7.1 is installed
OR salt-proxy-2016.11.4-46.7.1 is installed
OR salt-ssh-2016.11.4-46.7.1 is installed
OR salt-syndic-2016.11.4-46.7.1 is installed
OR salt-zsh-completion-2016.11.4-46.7.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Containers 12 is installed
AND Package Information
ruby2.1-rubygem-rack-1_4-1.4.5-8.10 is installed
OR rubygem-rack-1_4-1.4.5-8.10 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Legacy Software 12 is installed
AND Package Information
java-1_6_0-ibm-1.6.0_sr16.20-30.1 is installed
OR java-1_6_0-ibm-fonts-1.6.0_sr16.20-30.1 is installed
OR java-1_6_0-ibm-jdbc-1.6.0_sr16.20-30.1 is installed
OR java-1_6_0-ibm-plugin-1.6.0_sr16.20-30.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Public Cloud 12 is installed
AND python-setuptools-1.1.7-7.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 12 is installed
AND python3-3.4.1-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 11 SP2 is installed
AND aaa_base-11-6.65.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 11 SP3 is installed
AND unzip-6.00-11.7.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 11 SP4 is installed
AND apache2-mod_jk-1.2.40-0.2.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 is installed
AND Package Information
aaa_base-13.2+git20140911.61c1681-1 is installed
OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
xscreensaver-5.22-7.1 is installed
OR xscreensaver-data-5.22-7.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND p7zip-9.20.1-6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
colord-gtk-lang-0.1.26-6 is installed
OR libcolord-gtk1-0.1.26-6 is installed
OR libcolord2-1.3.3-12 is installed
OR libcolord2-32bit-1.3.3-12 is installed
OR libcolorhug2-1.3.3-12 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
MozillaFirefox-52.9.0esr-109.38 is installed
OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Server 12 SP5 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
AND libarchive-devel-3.3.3-32.5.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12-LTSS is installed
AND Package Information
kgraft-patch-3_12_51-52_39-default-4-2.2 is installed
OR kgraft-patch-3_12_51-52_39-xen-4-2.2 is installed
OR kgraft-patch-SLE12_Update_11-4-2.2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
AND Package Information
qemu-2.6.2-39 is installed
OR qemu-arm-2.6.2-39 is installed
OR qemu-block-curl-2.6.2-39 is installed
OR qemu-block-rbd-2.6.2-39 is installed
OR qemu-block-ssh-2.6.2-39 is installed
OR qemu-guest-agent-2.6.2-39 is installed
OR qemu-ipxe-1.0.0-39 is installed
OR qemu-lang-2.6.2-39 is installed
OR qemu-tools-2.6.2-39 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
AND Package Information
libsndfile-1.0.25-28.1 is installed
OR libsndfile-devel-1.0.25-28.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
AND Package Information
gimp-devel-2.8.18-4 is installed
OR libgimp-2_0-0-2.8.18-4 is installed
OR libgimpui-2_0-0-2.8.18-4 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
AND Package Information
ImageMagick-6.8.8.1-70 is installed
OR ImageMagick-devel-6.8.8.1-70 is installed
OR libMagick++-6_Q16-3-6.8.8.1-70 is installed
OR libMagick++-devel-6.8.8.1-70 is installed
OR perl-PerlMagick-6.8.8.1-70 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
AND Package Information
DirectFB-devel-1.7.1-6 is installed
OR lib++dfb-devel-1.7.1-6 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 is installed
AND Package Information
finch-2.10.9-8.1 is installed
OR libpurple-2.10.9-8.1 is installed
OR libpurple-lang-2.10.9-8.1 is installed
OR libpurple-meanwhile-2.10.9-8.1 is installed
OR libpurple-tcl-2.10.9-8.1 is installed
OR pidgin-2.10.9-8.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
AND Package Information
ImageMagick-6.8.8.1-30.2 is installed
OR libMagick++-6_Q16-3-6.8.8.1-30.2 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
AND Package Information
libpcrecpp0-8.39-5.1 is installed
OR libpcrecpp0-32bit-8.39-5.1 is installed
OR pcre-8.39-5.1 is installed
|