Oval Definition:	oval:org.opensuse.security:def:51520
Revision Date: 2020-12-01 Version: 1 Title: Security update for libsolv, libzypp, zypper (Moderate) Description: This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763). Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products (bsc#1155819). - Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules (bsc#1155198). - Do not enforce 'en' being in RequestedLocales If the user decides to have a system without explicit language support he may do so (bsc#1155678). - Load only target resolvables for zypper rm (bsc#1157377). - Fix broken search by filelist (bsc#1135114). - Replace python by a bash script in zypper-log (fixes#304, fixes#306, bsc#1156158). - Do not sort out requested locales which are not available (bsc#1155678). - Prevent listing duplicate matches in tables. XML result is provided within the new list-patches-byissue element (bsc#1154805). - XML add patch issue-date and issue-list (bsc#1154805). - Fix zypper lp --cve/bugzilla/issue options (bsc#1155298). - Always execute commit when adding/removing locales (fixes bsc#1155205). - Fix description of --table-style,-s in man page (bsc#1154804). Family: unix Class: patch Status: Reference(s): 1103203 1114837 1125330 1129821 1130262 1133089 1135114 1140738 1141329 1141330 1141332 1141442 1145095 1146360 1151793 1154804 1154805 1155094 1155198 1155205 1155298 1155678 1155819 1156158 1156323 1156324 1156326 1156328 1156329 1157377 1158763 1160467 1160468 1162825 1168994 1171863 1171864 1171866 1172348 1173812 1174463 1174570 1176382 1176764 CVE-2009-0793 CVE-2011-1145 CVE-2011-3602 CVE-2013-4276 CVE-2014-0011 CVE-2014-8240 CVE-2015-0255 CVE-2018-16850 CVE-2018-18335 CVE-2018-18356 CVE-2018-18506 CVE-2018-18509 CVE-2019-11041 CVE-2019-11042 CVE-2019-12523 CVE-2019-12525 CVE-2019-12526 CVE-2019-12527 CVE-2019-12529 CVE-2019-12854 CVE-2019-13345 CVE-2019-14896 CVE-2019-14897 CVE-2019-18348 CVE-2019-18676 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2019-18900 CVE-2019-20919 CVE-2019-3688 CVE-2019-5785 CVE-2019-9674 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9794 CVE-2019-9795 CVE-2019-9796 CVE-2019-9801 CVE-2019-9810 CVE-2019-9813 CVE-2020-10543 CVE-2020-10713 CVE-2020-10878 CVE-2020-12723 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15706 CVE-2020-15707 CVE-2020-25212 SUSE-SU-2018:3942-1 SUSE-SU-2019:0853-1 SUSE-SU-2019:2503-1 SUSE-SU-2019:2975-1 SUSE-SU-2020:0432-1 SUSE-SU-2020:1339-1 SUSE-SU-2020:1682-1 SUSE-SU-2020:2073-1 SUSE-SU-2020:2827-1 SUSE-SU-2020:3181-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libsqlite3-0-3.23.1-lp150.1 is installed OR sqlite3-3.23.1-lp150.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND icedtea-web-1.4.2-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information kernel-default-3.0.101-71 is installed OR kernel-default-base-3.0.101-71 is installed OR kernel-default-devel-3.0.101-71 is installed OR kernel-default-extra-3.0.101-71 is installed OR kernel-pae-3.0.101-71 is installed OR kernel-pae-base-3.0.101-71 is installed OR kernel-pae-devel-3.0.101-71 is installed OR kernel-pae-extra-3.0.101-71 is installed OR kernel-source-3.0.101-71 is installed OR kernel-syms-3.0.101-71 is installed OR kernel-trace-3.0.101-71 is installed OR kernel-trace-devel-3.0.101-71 is installed OR kernel-xen-3.0.101-71 is installed OR kernel-xen-base-3.0.101-71 is installed OR kernel-xen-devel-3.0.101-71 is installed OR kernel-xen-extra-3.0.101-71 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information lcms-1.19-17 is installed OR liblcms1-1.19-17 is installed OR liblcms1-32bit-1.19-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information lcms-1.19-17 is installed OR liblcms1-1.19-17 is installed OR liblcms1-32bit-1.19-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND libgadu3-1.11.4-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libXrender1-0.9.8-7 is installed OR libXrender1-32bit-0.9.8-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information cups-filters-1.0.58-19.2 is installed OR cups-filters-cups-browsed-1.0.58-19.2 is installed OR cups-filters-foomatic-rip-1.0.58-19.2 is installed OR cups-filters-ghostscript-1.0.58-19.2 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information php7-7.2.5-4.40 is installed OR php7-embed-7.2.5-4.40 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed AND Package Information perl-5.26.1-7.12 is installed OR perl-32bit-5.26.1-7.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND Package Information libsolv-0.7.10-3.13 is installed OR perl-solv-0.7.10-3.13 is installed OR ruby-solv-0.7.10-3.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_26-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_7-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-livepatch-5_3_18-24_24-default-2-2 is installed OR kernel-livepatch-SLE15-SP2_Update_4-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information postgresql10-10.6-4.8 is installed OR postgresql10-test-10.6-4.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-2.7.17-7.38 is installed OR python-base-2.7.17-7.38 is installed OR python-curses-2.7.17-7.38 is installed OR python-devel-2.7.17-7.38 is installed OR python-gdbm-2.7.17-7.38 is installed OR python-xml-2.7.17-7.38 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND squid-4.9-5.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.2-1 is installed OR librsvg-2-2-2.40.2-1 is installed OR librsvg-2-2-32bit-2.40.2-1 is installed OR rsvg-view-2.40.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-9-4 is installed OR kgraft-patch-3_12_67-60_64_24-xen-9-4 is installed OR kgraft-patch-SLE12-SP1_Update_11-9-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND autofs-5.0.9-21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information e2fsprogs-1.42.11-15 is installed OR libcom_err2-1.42.11-15 is installed OR libcom_err2-32bit-1.42.11-15 is installed OR libext2fs2-1.42.11-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information grub2-2.02-19.48 is installed OR grub2-arm64-efi-2.02-19.48 is installed OR grub2-i386-pc-2.02-19.48 is installed OR grub2-powerpc-ieee1275-2.02-19.48 is installed OR grub2-s390x-emu-2.02-19.48 is installed OR grub2-snapper-plugin-2.02-19.48 is installed OR grub2-systemd-sleep-plugin-2.02-19.48 is installed OR grub2-x86_64-efi-2.02-19.48 is installed OR grub2-x86_64-xen-2.02-19.48 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND perl-DBI-1.639-3.11 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information MozillaThunderbird-60.6.1-3.28 is installed OR MozillaThunderbird-translations-common-60.6.1-3.28 is installed OR MozillaThunderbird-translations-other-60.6.1-3.28 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-ceilometer-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-agent-central-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-agent-compute-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-agent-ipmi-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-agent-notification-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-api-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-collector-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-doc-7.0.4~a0~dev7-3 is installed OR openstack-ceilometer-polling-7.0.4~a0~dev7-3 is installed OR openstack-cinder-9.1.5~a0~dev1-3 is installed OR openstack-cinder-api-9.1.5~a0~dev1-3 is installed OR openstack-cinder-backup-9.1.5~a0~dev1-3 is installed OR openstack-cinder-doc-9.1.5~a0~dev1-3 is installed OR openstack-cinder-scheduler-9.1.5~a0~dev1-3 is installed OR openstack-cinder-volume-9.1.5~a0~dev1-3 is installed OR openstack-dashboard-10.0.4~a0~dev2-3 is installed OR openstack-glance-13.0.1~a0~dev6-3 is installed OR openstack-glance-api-13.0.1~a0~dev6-3 is installed OR openstack-glance-doc-13.0.1~a0~dev6-3 is installed OR openstack-glance-glare-13.0.1~a0~dev6-3 is installed OR openstack-glance-registry-13.0.1~a0~dev6-3 is installed OR openstack-heat-7.0.4~a0~dev4-4 is installed OR openstack-heat-api-7.0.4~a0~dev4-4 is installed OR openstack-heat-api-cfn-7.0.4~a0~dev4-4 is installed OR openstack-heat-api-cloudwatch-7.0.4~a0~dev4-4 is installed OR openstack-heat-doc-7.0.4~a0~dev4-4 is installed OR openstack-heat-engine-7.0.4~a0~dev4-4 is installed OR openstack-heat-plugin-heat_docker-7.0.4~a0~dev4-4 is installed OR openstack-heat-test-7.0.4~a0~dev4-4 is installed OR openstack-keystone-10.0.2~a0~dev2-6 is installed OR openstack-keystone-doc-10.0.2~a0~dev2-6 is installed OR openstack-magnum-3.1.2~a0~dev22-13 is installed OR openstack-magnum-api-3.1.2~a0~dev22-13 is installed OR openstack-magnum-conductor-3.1.2~a0~dev22-13 is installed OR openstack-magnum-doc-3.1.2~a0~dev22-13 is installed OR openstack-manila-3.0.1~a0~dev27-3 is installed OR openstack-manila-api-3.0.1~a0~dev27-3 is installed OR openstack-manila-data-3.0.1~a0~dev27-3 is installed OR openstack-manila-doc-3.0.1~a0~dev27-3 is installed OR openstack-manila-scheduler-3.0.1~a0~dev27-3 is installed OR openstack-manila-share-3.0.1~a0~dev27-3 is installed OR openstack-nova-14.0.6~a0~dev16-3 is installed OR openstack-nova-api-14.0.6~a0~dev16-3 is installed OR openstack-nova-cells-14.0.6~a0~dev16-3 is installed OR openstack-nova-cert-14.0.6~a0~dev16-3 is installed OR openstack-nova-compute-14.0.6~a0~dev16-3 is installed OR openstack-nova-conductor-14.0.6~a0~dev16-3 is installed OR openstack-nova-console-14.0.6~a0~dev16-3 is installed OR openstack-nova-consoleauth-14.0.6~a0~dev16-3 is installed OR openstack-nova-doc-14.0.6~a0~dev16-3 is installed OR openstack-nova-novncproxy-14.0.6~a0~dev16-3 is installed OR openstack-nova-placement-api-14.0.6~a0~dev16-3 is installed OR openstack-nova-scheduler-14.0.6~a0~dev16-3 is installed OR openstack-nova-serialproxy-14.0.6~a0~dev16-3 is installed OR openstack-nova-vncproxy-14.0.6~a0~dev16-3 is installed OR python-ceilometer-7.0.4~a0~dev7-3 is installed OR python-cinder-9.1.5~a0~dev1-3 is installed OR python-glance-13.0.1~a0~dev6-3 is installed OR python-heat-7.0.4~a0~dev4-4 is installed OR python-horizon-10.0.4~a0~dev2-3 is installed OR python-keystone-10.0.2~a0~dev2-6 is installed OR python-magnum-3.1.2~a0~dev22-13 is installed OR python-manila-3.0.1~a0~dev27-3 is installed OR python-nova-14.0.6~a0~dev16-3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND slf4j-1.7.12-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
BACK