OVAL Reference oval:org.opensuse.security:def:52431

Oval Definition:

oval:org.opensuse.security:def:52431

Revision Date:	2020-12-01	Version:	1
Title:	Security update for go1.14 (Important)
Description:	This update for go1.14 fixes the following issues: - go1.14 was updated to version 1.14.7 - CVE-2020-16845: dUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (bsc#1174977). - go1.14.6 (released 2020-07-16) includes fixes to the go command, the compiler, the linker, vet, and the database/sql, encoding/json, net/http, reflect, and testing packages. Refs bsc#1164903 go1.14 release tracking Refs bsc#1174153 bsc#1174191 * go#39991 runtime: missing deferreturn on linux/ppc64le * go#39920 net/http: panic on misformed If-None-Match Header with http.ServeContent * go#39849 cmd/compile: internal compile error when using sync.Pool: mismatched zero/store sizes * go#39824 cmd/go: TestBuildIDContainsArchModeEnv/386 fails on linux/386 in Go 1.14 and 1.13, not 1.15 * go#39698 reflect: panic from malloc after MakeFunc function returns value that is also stored globally * go#39636 reflect: DeepEqual can return true for values that are not equal * go#39585 encoding/json: incorrect object key unmarshaling when using custom TextUnmarshaler as Key with string va lues * go#39562 cmd/compile/internal/ssa: TestNexting/dlv-dbg-hist failing on linux-386-longtest builder because it trie s to use an older version of dlv which only supports linux/amd64 * go#39308 testing: streaming output loses parallel subtest associations * go#39288 cmd/vet: update for new number formats * go#39101 database/sql: context cancellation allows statements to execute after rollback * go#38030 doc: BuildNameToCertificate deprecated in go 1.14 not mentioned in the release notes * go#40212 net/http: Expect 100-continue panics in httputil.ReverseProxy bsc#1174153 CVE-2020-15586 * go#40210 crypto/x509: Certificate.Verify method seemingly ignoring EKU requirements on Windows bsc#1174191 CVE-2020-14039 (Windows only) - Add patch to ensure /etc/hosts is used if /etc/nsswitch.conf is not present bsc#1172868 gh#golang/go#35305
Family:	unix	Class:	patch
Status:		Reference(s):	1137595 1138872 1164903 1169832 1170826 1171862 1172868 1173674 1174153 1174191 1174977 1175992 1176072 1176382 CVE-2008-1227 CVE-2009-0696 CVE-2009-1885 CVE-2009-4022 CVE-2010-2242 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2011-0414 CVE-2011-1146 CVE-2011-1907 CVE-2011-1910 CVE-2011-2054 CVE-2011-2464 CVE-2011-2511 CVE-2011-4313 CVE-2011-4600 CVE-2012-0035 CVE-2012-1667 CVE-2012-3445 CVE-2012-3466 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-0170 CVE-2013-1962 CVE-2013-2218 CVE-2013-2230 CVE-2013-2266 CVE-2013-4153 CVE-2013-4154 CVE-2013-4239 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-4854 CVE-2013-6436 CVE-2013-6456 CVE-2013-6457 CVE-2013-6458 CVE-2013-6473 CVE-2013-6474 CVE-2013-6475 CVE-2013-6476 CVE-2014-0028 CVE-2014-0179 CVE-2014-0591 CVE-2014-1447 CVE-2014-2707 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-3633 CVE-2014-3657 CVE-2014-4336 CVE-2014-4337 CVE-2014-4338 CVE-2014-7823 CVE-2014-8131 CVE-2014-8500 CVE-2015-0236 CVE-2015-0252 CVE-2015-1349 CVE-2015-2265 CVE-2015-3258 CVE-2015-3279 CVE-2015-4620 CVE-2015-5191 CVE-2015-5247 CVE-2015-5313 CVE-2015-5477 CVE-2015-5722 CVE-2015-7542 CVE-2015-8000 CVE-2015-8704 CVE-2016-0729 CVE-2016-1285 CVE-2016-1286 CVE-2016-2099 CVE-2016-2775 CVE-2016-2776 CVE-2016-2851 CVE-2016-4463 CVE-2016-6170 CVE-2016-8864 CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 CVE-2017-1000256 CVE-2017-2635 CVE-2017-3135 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 CVE-2017-3142 CVE-2017-3143 CVE-2017-5715 CVE-2018-1064 CVE-2018-3639 CVE-2018-5748 CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 CVE-2019-11707 CVE-2019-11708 CVE-2020-12823 CVE-2020-14039 CVE-2020-14386 CVE-2020-15503 CVE-2020-15586 CVE-2020-16845 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2019:1683-1 SUSE-SU-2020:1930-1 SUSE-SU-2020:2029-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information bzip2-1.0.6-lp150.3 is installed OR libbz2-1-1.0.6-lp150.3 is installed OR libbz2-1-32bit-1.0.6-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3 is installed OR libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3 is installed OR subversion-1.10.6-lp151.4.3 is installed OR subversion-bash-completion-1.10.6-lp151.4.3 is installed OR subversion-devel-1.10.6-lp151.4.3 is installed OR subversion-perl-1.10.6-lp151.4.3 is installed OR subversion-python-1.10.6-lp151.4.3 is installed OR subversion-python-ctypes-1.10.6-lp151.4.3 is installed OR subversion-ruby-1.10.6-lp151.4.3 is installed OR subversion-server-1.10.6-lp151.4.3 is installed OR subversion-tools-1.10.6-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.4esr-0.5 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.4esr-0.5 is installed OR beagle-0.3.8-56.51 is installed OR beagle-evolution-0.3.8-56.51 is installed OR beagle-firefox-0.3.8-56.51 is installed OR beagle-gui-0.3.8-56.51 is installed OR beagle-lang-0.3.8-56.51 is installed OR libfreebl3-3.14.2-0.4.3 is installed OR libfreebl3-32bit-3.14.2-0.4.3 is installed OR mhtml-firefox-0.5-1.47.51 is installed OR mozilla-nspr-4.9.5-0.3 is installed OR mozilla-nspr-32bit-4.9.5-0.3 is installed OR mozilla-nss-3.14.2-0.4.3 is installed OR mozilla-nss-32bit-3.14.2-0.4.3 is installed OR mozilla-nss-tools-3.14.2-0.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.5.3esr-0.8 is installed OR MozillaFirefox-translations-31.5.3esr-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gnome-keyring-3.10.1-4 is installed OR gnome-keyring-32bit-3.10.1-4 is installed OR gnome-keyring-lang-3.10.1-4 is installed OR gnome-keyring-pam-3.10.1-4 is installed OR gnome-keyring-pam-32bit-3.10.1-4 is installed OR libgck-modules-gnome-keyring-3.10.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-filters-1.0.58-8 is installed OR cups-filters-cups-browsed-1.0.58-8 is installed OR cups-filters-foomatic-rip-1.0.58-8 is installed OR cups-filters-ghostscript-1.0.58-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information emacs-24.3-16 is installed OR emacs-info-24.3-16 is installed OR emacs-x11-24.3-16 is installed OR etags-24.3-16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gwenhywfar-lang-4.9.0beta-3.3 is installed OR gwenhywfar-tools-4.9.0beta-3.3 is installed OR libgwengui-gtk2-0-4.9.0beta-3.3 is installed OR libgwenhywfar60-4.9.0beta-3.3 is installed OR libgwenhywfar60-plugins-4.9.0beta-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information go1.14-1.14.7-1.15 is installed OR go1.14-race-1.14.7-1.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information jakarta-commons-fileupload-1.1.1-120 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-120 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-7-4 is installed OR kgraft-patch-3_12_69-60_64_32-xen-7-4 is installed OR kgraft-patch-SLE12-SP1_Update_13-7-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xen-4.7.4_02-43.21 is installed OR xen-doc-html-4.7.4_02-43.21 is installed OR xen-libs-4.7.4_02-43.21 is installed OR xen-libs-32bit-4.7.4_02-43.21 is installed OR xen-tools-4.7.4_02-43.21 is installed OR xen-tools-domU-4.7.4_02-43.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.120 is installed OR kernel-default-base-4.4.121-92.120 is installed OR kernel-default-devel-4.4.121-92.120 is installed OR kernel-devel-4.4.121-92.120 is installed OR kernel-macros-4.4.121-92.120 is installed OR kernel-source-4.4.121-92.120 is installed OR kernel-syms-4.4.121-92.120 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information kbd-2.0.4-8.10 is installed OR kbd-legacy-2.0.4-8.10 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information MozillaThunderbird-60.7.2-3.43 is installed OR MozillaThunderbird-translations-common-60.7.2-3.43 is installed OR MozillaThunderbird-translations-other-60.7.2-3.43 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information openconnect-7.08-6.9 is installed OR openconnect-devel-7.08-6.9 is installed OR openconnect-lang-7.08-6.9 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libraw-0.18.9-3.11 is installed OR libraw-devel-0.18.9-3.11 is installed OR libraw16-0.18.9-3.11 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-bson-1_11-1.11.1-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information glibc-2.22-62.13 is installed OR glibc-32bit-2.22-62.13 is installed OR glibc-devel-2.22-62.13 is installed OR glibc-devel-32bit-2.22-62.13 is installed OR glibc-html-2.22-62.13 is installed OR glibc-i18ndata-2.22-62.13 is installed OR glibc-info-2.22-62.13 is installed OR glibc-locale-2.22-62.13 is installed OR glibc-locale-32bit-2.22-62.13 is installed OR glibc-profile-2.22-62.13 is installed OR glibc-profile-32bit-2.22-62.13 is installed OR nscd-2.22-62.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.9 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed

BACK