Oval Definition:oval:org.opensuse.security:def:52148
Revision Date:2020-12-01Version:1
Title:Security update for LibVNCServer (Important)
Description:

This update for LibVNCServer fixes the following issues:

- security update - added patches fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock() + LibVNCServer-CVE-2019-20839.patch fix CVE-2019-20840 [bsc#1173876], unaligned accesses in hybiReadAndDecode can lead to denial of service + LibVNCServer-CVE-2019-20840.patch fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c + LibVNCServer-CVE-2020-14398.patch fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c + LibVNCServer-CVE-2020-14397.patch fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. + LibVNCServer-CVE-2020-14399.patch fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. + LibVNCServer-CVE-2020-14400.patch fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c + LibVNCServer-CVE-2020-14401.patch fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings. + LibVNCServer-CVE-2020-14402,14403,14404.patch fix CVE-2017-18922 [bsc#1173477], preauth buffer overwrite
Family:unixClass:patch
Status:Reference(s):1084671
1092920
1106383
1133495
1137595
1151377
1154256
1154862
1155207
1155574
1156213
1156482
1158485
1159814
1160571
1161436
1162108
1162689
1162691
1166238
1167373
1168994
1169659
1170313
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1175626
1175656
CVE-2008-0928
CVE-2008-1945
CVE-2008-2382
CVE-2008-4539
CVE-2009-0037
CVE-2009-0688
CVE-2009-2417
CVE-2011-1000
CVE-2012-2738
CVE-2012-3515
CVE-2013-0249
CVE-2013-1431
CVE-2013-1944
CVE-2013-2174
CVE-2013-2492
CVE-2013-4148
CVE-2013-4149
CVE-2013-4150
CVE-2013-4151
CVE-2013-4526
CVE-2013-4527
CVE-2013-4529
CVE-2013-4530
CVE-2013-4531
CVE-2013-4533
CVE-2013-4534
CVE-2013-4535
CVE-2013-4536
CVE-2013-4537
CVE-2013-4538
CVE-2013-4539
CVE-2013-4540
CVE-2013-4541
CVE-2013-4542
CVE-2013-4544
CVE-2013-4545
CVE-2013-6399
CVE-2014-0015
CVE-2014-0138
CVE-2014-0139
CVE-2014-0142
CVE-2014-0143
CVE-2014-0144
CVE-2014-0145
CVE-2014-0146
CVE-2014-0147
CVE-2014-0150
CVE-2014-0182
CVE-2014-0222
CVE-2014-0223
CVE-2014-2653
CVE-2014-3461
CVE-2014-3613
CVE-2014-3620
CVE-2014-3640
CVE-2014-3707
CVE-2014-7840
CVE-2014-8106
CVE-2014-8150
CVE-2014-8767
CVE-2014-8768
CVE-2014-8769
CVE-2014-9140
CVE-2015-0261
CVE-2015-1779
CVE-2015-2153
CVE-2015-2154
CVE-2015-2155
CVE-2015-3138
CVE-2015-3143
CVE-2015-3144
CVE-2015-3145
CVE-2015-3148
CVE-2015-3153
CVE-2015-3209
CVE-2015-3456
CVE-2015-4037
CVE-2015-5154
CVE-2015-5225
CVE-2015-5278
CVE-2015-5279
CVE-2015-5352
CVE-2015-5600
CVE-2015-5745
CVE-2015-6563
CVE-2015-6564
CVE-2015-6815
CVE-2015-6855
CVE-2015-7295
CVE-2015-7512
CVE-2015-7549
CVE-2015-8345
CVE-2015-8504
CVE-2015-8558
CVE-2015-8567
CVE-2015-8568
CVE-2015-8613
CVE-2015-8619
CVE-2015-8743
CVE-2015-8744
CVE-2015-8745
CVE-2016-10028
CVE-2016-10155
CVE-2016-1568
CVE-2016-1714
CVE-2016-1922
CVE-2016-1981
CVE-2016-2198
CVE-2016-3710
CVE-2016-3712
CVE-2016-4002
CVE-2016-4020
CVE-2016-4439
CVE-2016-4441
CVE-2016-4453
CVE-2016-4454
CVE-2016-4952
CVE-2016-4964
CVE-2016-5105
CVE-2016-5106
CVE-2016-5107
CVE-2016-5126
CVE-2016-5238
CVE-2016-5337
CVE-2016-5338
CVE-2016-5403
CVE-2016-6351
CVE-2016-6490
CVE-2016-6833
CVE-2016-6836
CVE-2016-6888
CVE-2016-7116
CVE-2016-7155
CVE-2016-7156
CVE-2016-7157
CVE-2016-7161
CVE-2016-7170
CVE-2016-7421
CVE-2016-7422
CVE-2016-7423
CVE-2016-7466
CVE-2016-7907
CVE-2016-7908
CVE-2016-7909
CVE-2016-7922
CVE-2016-7923
CVE-2016-7924
CVE-2016-7925
CVE-2016-7926
CVE-2016-7927
CVE-2016-7928
CVE-2016-7929
CVE-2016-7930
CVE-2016-7931
CVE-2016-7932
CVE-2016-7933
CVE-2016-7934
CVE-2016-7935
CVE-2016-7936
CVE-2016-7937
CVE-2016-7938
CVE-2016-7939
CVE-2016-7940
CVE-2016-7973
CVE-2016-7974
CVE-2016-7975
CVE-2016-7983
CVE-2016-7984
CVE-2016-7985
CVE-2016-7986
CVE-2016-7992
CVE-2016-7993
CVE-2016-7994
CVE-2016-7995
CVE-2016-8574
CVE-2016-8575
CVE-2016-8576
CVE-2016-8577
CVE-2016-8578
CVE-2016-8667
CVE-2016-8668
CVE-2016-8669
CVE-2016-8909
CVE-2016-8910
CVE-2016-9101
CVE-2016-9102
CVE-2016-9103
CVE-2016-9104
CVE-2016-9105
CVE-2016-9106
CVE-2016-9381
CVE-2016-9602
CVE-2016-9776
CVE-2016-9845
CVE-2016-9846
CVE-2016-9907
CVE-2016-9908
CVE-2016-9911
CVE-2016-9912
CVE-2016-9913
CVE-2016-9921
CVE-2016-9922
CVE-2016-9923
CVE-2017-18922
CVE-2017-2615
CVE-2017-2620
CVE-2017-2630
CVE-2017-2633
CVE-2017-5202
CVE-2017-5203
CVE-2017-5204
CVE-2017-5205
CVE-2017-5341
CVE-2017-5342
CVE-2017-5482
CVE-2017-5483
CVE-2017-5484
CVE-2017-5485
CVE-2017-5486
CVE-2017-5525
CVE-2017-5526
CVE-2017-5552
CVE-2017-5578
CVE-2017-5579
CVE-2017-5667
CVE-2017-5856
CVE-2017-5857
CVE-2017-5898
CVE-2017-5931
CVE-2017-5973
CVE-2017-5987
CVE-2017-6058
CVE-2017-6369
CVE-2017-6505
CVE-2017-7471
CVE-2017-7493
CVE-2017-8112
CVE-2017-8309
CVE-2017-8379
CVE-2017-8380
CVE-2017-9503
CVE-2017-9524
CVE-2018-21247
CVE-2019-11703
CVE-2019-11704
CVE-2019-11705
CVE-2019-11706
CVE-2019-12519
CVE-2019-12521
CVE-2019-12528
CVE-2019-17498
CVE-2019-18860
CVE-2019-20386
CVE-2019-20503
CVE-2019-20839
CVE-2019-20840
CVE-2019-5188
CVE-2020-10713
CVE-2020-11945
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-1712
CVE-2020-6805
CVE-2020-6806
CVE-2020-6807
CVE-2020-6811
CVE-2020-6812
CVE-2020-6814
CVE-2020-8517
SUSE-SU-2019:1495-1
SUSE-SU-2019:2900-2
SUSE-SU-2020:0265-1
SUSE-SU-2020:0335-1
SUSE-SU-2020:0721-1
SUSE-SU-2020:1156-1
SUSE-SU-2020:2626-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libsnmp30-5.7.3-lp150.5 is installed
  • OR net-snmp-5.7.3-lp150.5 is installed
  • OR perl-SNMP-5.7.3-lp150.5 is installed
  • OR snmp-mibs-5.7.3-lp150.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libmysql55client18-5.5.45-0.11 is installed
  • OR libmysql55client18-32bit-5.5.45-0.11 is installed
  • OR libmysql55client_r18-5.5.45-0.11 is installed
  • OR libmysql55client_r18-32bit-5.5.45-0.11 is installed
  • OR mysql-5.5.45-0.11 is installed
  • OR mysql-client-5.5.45-0.11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • icu-52.1-7 is installed
  • OR libicu52_1-52.1-7 is installed
  • OR libicu52_1-32bit-52.1-7 is installed
  • OR libicu52_1-data-52.1-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • curl-7.37.0-15 is installed
  • OR libcurl4-7.37.0-15 is installed
  • OR libcurl4-32bit-7.37.0-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-7 is installed
  • OR cyrus-sasl-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-7 is installed
  • OR cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-plain-2.1.26-7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-7 is installed
  • OR libsasl2-3-2.1.26-7 is installed
  • OR libsasl2-3-32bit-2.1.26-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND libfbembed2_5-2.5.2.26539-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libXdmcp6-1.1.1-12 is installed
  • OR libXdmcp6-32bit-1.1.1-12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.22 is installed
  • OR LibVNCServer-devel-0.9.10-4.22 is installed
  • OR libvncserver0-0.9.10-4.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cups-1.7.5-9 is installed
  • OR cups-client-1.7.5-9 is installed
  • OR cups-libs-1.7.5-9 is installed
  • OR cups-libs-32bit-1.7.5-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.51 is installed
  • OR kernel-default-base-3.12.74-60.64.51 is installed
  • OR kernel-default-devel-3.12.74-60.64.51 is installed
  • OR kernel-default-man-3.12.74-60.64.51 is installed
  • OR kernel-devel-3.12.74-60.64.51 is installed
  • OR kernel-macros-3.12.74-60.64.51 is installed
  • OR kernel-source-3.12.74-60.64.51 is installed
  • OR kernel-syms-3.12.74-60.64.51 is installed
  • OR kernel-xen-3.12.74-60.64.51 is installed
  • OR kernel-xen-base-3.12.74-60.64.51 is installed
  • OR kernel-xen-devel-3.12.74-60.64.51 is installed
  • OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND dnsmasq-2.71-10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ghostscript-9.26-23.16 is installed
  • OR ghostscript-x11-9.26-23.16 is installed
  • OR libspectre-0.2.7-12.4 is installed
  • OR libspectre1-0.2.7-12.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-8-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND coolkey-1.1.0-147 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND unzip-6.00-33.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libssh2-1-1.8.0-4.10 is installed
  • OR libssh2-1-32bit-1.8.0-4.10 is installed
  • OR libssh2-devel-1.8.0-4.10 is installed
  • OR libssh2_org-1.8.0-4.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND squid-4.11-5.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-68.6.0-3.74 is installed
  • OR MozillaThunderbird-translations-common-68.6.0-3.74 is installed
  • OR MozillaThunderbird-translations-other-68.6.0-3.74 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.51 is installed
  • OR kernel-default-base-3.12.74-60.64.51 is installed
  • OR kernel-default-devel-3.12.74-60.64.51 is installed
  • OR kernel-devel-3.12.74-60.64.51 is installed
  • OR kernel-macros-3.12.74-60.64.51 is installed
  • OR kernel-source-3.12.74-60.64.51 is installed
  • OR kernel-syms-3.12.74-60.64.51 is installed
  • OR kernel-xen-3.12.74-60.64.51 is installed
  • OR kernel-xen-base-3.12.74-60.64.51 is installed
  • OR kernel-xen-devel-3.12.74-60.64.51 is installed
  • OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • python-amqp-1.4.9-3.3 is installed
  • OR python-oslo.messaging-5.10.2-3.9 is installed
  • OR python-ovs-2.5.0-3.3 is installed
  • OR python-paramiko-2.0.9-3.6 is installed
  • OR python-psql2mysql-0.5.0+git.1539592188.13e5d0f-1.9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
  • BACK