OVAL Reference oval:org.opensuse.security:def:5254

Oval Definition:

oval:org.opensuse.security:def:5254

Revision Date:	2022-01-25	Version:	1
Title:	Security update for expat (Important)
Description:	This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior (bsc#1194251). - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog (bsc#1194362). - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse.c (bsc#1194474). - CVE-2022-22823: Fixed integer overflow in build_model in xmlparse.c (bsc#1194476). - CVE-2022-22824: Fixed integer overflow in defineAttribute in xmlparse.c (bsc#1194477). - CVE-2022-22825: Fixed integer overflow in lookup in xmlparse.c (bsc#1194478). - CVE-2022-22826: Fixed integer overflow in nextScaffoldPart in xmlparse.c (bsc#1194479). - CVE-2022-22827: Fixed integer overflow in storeAtts in xmlparse.c (bsc#1194480).
Family:	unix	Class:	patch
Status:		Reference(s):	1167631 1177950 1178591 1194251 1194362 1194474 1194476 1194477 1194478 1194479 1194480 CVE-2007-6720 CVE-2008-1686 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2009-0163 CVE-2009-0179 CVE-2009-2820 CVE-2009-3553 CVE-2009-3995 CVE-2009-3996 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2522 CVE-2010-2523 CVE-2010-2546 CVE-2010-2761 CVE-2010-2941 CVE-2010-4410 CVE-2010-4411 CVE-2010-4494 CVE-2010-4777 CVE-2011-1097 CVE-2011-1898 CVE-2011-1944 CVE-2011-2483 CVE-2011-3177 CVE-2011-3848 CVE-2011-3872 CVE-2012-0029 CVE-2012-0217 CVE-2012-2625 CVE-2012-3355 CVE-2012-3432 CVE-2012-3433 CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867 CVE-2012-4411 CVE-2012-4535 CVE-2012-4536 CVE-2012-4537 CVE-2012-4538 CVE-2012-4539 CVE-2012-4544 CVE-2012-5134 CVE-2012-5510 CVE-2012-5511 CVE-2012-5513 CVE-2012-5514 CVE-2012-5515 CVE-2012-5519 CVE-2012-5525 CVE-2012-5634 CVE-2012-6075 CVE-2012-6094 CVE-2013-0151 CVE-2013-0152 CVE-2013-0153 CVE-2013-0338 CVE-2013-1442 CVE-2013-1917 CVE-2013-1918 CVE-2013-1919 CVE-2013-1922 CVE-2013-1952 CVE-2013-1969 CVE-2013-2007 CVE-2013-2063 CVE-2013-3495 CVE-2013-3567 CVE-2013-4242 CVE-2013-4355 CVE-2013-4356 CVE-2013-4361 CVE-2013-4375 CVE-2013-4416 CVE-2013-4494 CVE-2013-4540 CVE-2013-4551 CVE-2013-4553 CVE-2013-4554 CVE-2013-4761 CVE-2013-4956 CVE-2014-0191 CVE-2014-0222 CVE-2014-2855 CVE-2014-2856 CVE-2014-3124 CVE-2014-3248 CVE-2014-3253 CVE-2014-3537 CVE-2014-3591 CVE-2014-3615 CVE-2014-3660 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-5146 CVE-2014-5149 CVE-2014-6268 CVE-2014-7154 CVE-2014-7155 CVE-2014-7156 CVE-2014-7188 CVE-2014-8594 CVE-2014-8595 CVE-2014-8866 CVE-2014-8867 CVE-2014-9030 CVE-2014-9065 CVE-2014-9066 CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2014-9679 CVE-2015-0361 CVE-2015-0837 CVE-2015-1158 CVE-2015-1159 CVE-2015-2044 CVE-2015-2045 CVE-2015-2151 CVE-2015-2152 CVE-2015-2751 CVE-2015-2752 CVE-2015-2756 CVE-2015-3259 CVE-2015-3340 CVE-2015-3456 CVE-2015-4037 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106 CVE-2015-5154 CVE-2015-5239 CVE-2015-5307 CVE-2015-6749 CVE-2015-6815 CVE-2015-7311 CVE-2015-7835 CVE-2015-7969 CVE-2015-7970 CVE-2015-7971 CVE-2015-7972 CVE-2020-1752 CVE-2020-28368 CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 SUSE-SU-2020:0820-1 SUSE-SU-2020:3416-1 SUSE-SU-2022:0179-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Real Time Extension 12 SP4 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information dnsmasq-2.71-4.1 is installed OR dnsmasq-utils-2.71-4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.10.1 is installed OR MozillaFirefox-translations-31.8.0esr-0.10.1 is installed OR libfreebl3-3.19.2_CKBI_1.98-0.10.1 is installed OR libfreebl3-32bit-3.19.2_CKBI_1.98-0.10.1 is installed OR libsoftokn3-3.19.2_CKBI_1.98-0.10.1 is installed OR libsoftokn3-32bit-3.19.2_CKBI_1.98-0.10.1 is installed OR mozilla-nspr-4.10.8-0.5.1 is installed OR mozilla-nspr-32bit-4.10.8-0.5.1 is installed OR mozilla-nss-3.19.2_CKBI_1.98-0.10.1 is installed OR mozilla-nss-32bit-3.19.2_CKBI_1.98-0.10.1 is installed OR mozilla-nss-tools-3.19.2_CKBI_1.98-0.10.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libldap-2_4-2-2.4.26-0.62.2 is installed OR libldap-2_4-2-32bit-2.4.26-0.62.2 is installed OR openldap2-client-2.4.26-0.62.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND mipv6d-2.0.2.umip.0.4-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-1.7.5-9 is installed OR cups-client-1.7.5-9 is installed OR cups-libs-1.7.5-9 is installed OR cups-libs-32bit-1.7.5-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND python-PyYAML-3.10-17 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information PackageKit-1.1.3-24.9 is installed OR PackageKit-backend-zypp-1.1.3-24.9 is installed OR PackageKit-lang-1.1.3-24.9 is installed OR libpackagekit-glib2-18-1.1.3-24.9 is installed OR typelib-1_0-PackageKitGlib-1_0-1.1.3-24.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND xen-4.10.4_20-3.47 is installed OR xen-devel-4.10.4_20-3.47 is installed OR xen-libs-4.10.4_20-3.47 is installed OR xen-tools-4.10.4_20-3.47 is installed OR xen-tools-domU-4.10.4_20-3.47 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND xen-4.10.4_20-3.47 is installed OR xen-devel-4.10.4_20-3.47 is installed OR xen-libs-4.10.4_20-3.47 is installed OR xen-tools-4.10.4_20-3.47 is installed OR xen-tools-domU-4.10.4_20-3.47 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_51-60_20-default-3-2 is installed OR kgraft-patch-3_12_51-60_20-xen-3-2 is installed OR kgraft-patch-SLE12-SP1_Update_1-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_3-default-1-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_1-1-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information sles12-docker-image-1.1.2-20160727 is installed OR sles12sp1-docker-image-1.0.5-20160727 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.15-27.1 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.15-27.1 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.15-27.1 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.15-27.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.39-47.1 is installed OR kernel-ec2-devel-3.12.39-47.1 is installed OR kernel-ec2-extra-3.12.39-47.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-30.1 is installed OR php5-5.5.14-30.1 is installed OR php5-bcmath-5.5.14-30.1 is installed OR php5-bz2-5.5.14-30.1 is installed OR php5-calendar-5.5.14-30.1 is installed OR php5-ctype-5.5.14-30.1 is installed OR php5-curl-5.5.14-30.1 is installed OR php5-dba-5.5.14-30.1 is installed OR php5-dom-5.5.14-30.1 is installed OR php5-enchant-5.5.14-30.1 is installed OR php5-exif-5.5.14-30.1 is installed OR php5-fastcgi-5.5.14-30.1 is installed OR php5-fileinfo-5.5.14-30.1 is installed OR php5-fpm-5.5.14-30.1 is installed OR php5-ftp-5.5.14-30.1 is installed OR php5-gd-5.5.14-30.1 is installed OR php5-gettext-5.5.14-30.1 is installed OR php5-gmp-5.5.14-30.1 is installed OR php5-iconv-5.5.14-30.1 is installed OR php5-intl-5.5.14-30.1 is installed OR php5-json-5.5.14-30.1 is installed OR php5-ldap-5.5.14-30.1 is installed OR php5-mbstring-5.5.14-30.1 is installed OR php5-mcrypt-5.5.14-30.1 is installed OR php5-mysql-5.5.14-30.1 is installed OR php5-odbc-5.5.14-30.1 is installed OR php5-openssl-5.5.14-30.1 is installed OR php5-pcntl-5.5.14-30.1 is installed OR php5-pdo-5.5.14-30.1 is installed OR php5-pear-5.5.14-30.1 is installed OR php5-pgsql-5.5.14-30.1 is installed OR php5-pspell-5.5.14-30.1 is installed OR php5-shmop-5.5.14-30.1 is installed OR php5-snmp-5.5.14-30.1 is installed OR php5-soap-5.5.14-30.1 is installed OR php5-sockets-5.5.14-30.1 is installed OR php5-sqlite-5.5.14-30.1 is installed OR php5-suhosin-5.5.14-30.1 is installed OR php5-sysvmsg-5.5.14-30.1 is installed OR php5-sysvsem-5.5.14-30.1 is installed OR php5-sysvshm-5.5.14-30.1 is installed OR php5-tokenizer-5.5.14-30.1 is installed OR php5-wddx-5.5.14-30.1 is installed OR php5-xmlreader-5.5.14-30.1 is installed OR php5-xmlrpc-5.5.14-30.1 is installed OR php5-xmlwriter-5.5.14-30.1 is installed OR php5-xsl-5.5.14-30.1 is installed OR php5-zip-5.5.14-30.1 is installed OR php5-zlib-5.5.14-30.1 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.61-60.18.1 is installed OR kernel-compute-base-3.12.61-60.18.1 is installed OR kernel-compute-devel-3.12.61-60.18.1 is installed OR kernel-compute_debug-3.12.61-60.18.1 is installed OR kernel-compute_debug-devel-3.12.61-60.18.1 is installed OR kernel-devel-rt-3.12.61-60.18.1 is installed OR kernel-rt-3.12.61-60.18.1 is installed OR kernel-rt-base-3.12.61-60.18.1 is installed OR kernel-rt-devel-3.12.61-60.18.1 is installed OR kernel-rt_debug-3.12.61-60.18.1 is installed OR kernel-rt_debug-devel-3.12.61-60.18.1 is installed OR kernel-source-rt-3.12.61-60.18.1 is installed OR kernel-syms-rt-3.12.61-60.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP4 is installed AND Package Information cluster-md-kmp-rt-4.12.14-8.6 is installed OR dlm-kmp-rt-4.12.14-8.6 is installed OR gfs2-kmp-rt-4.12.14-8.6 is installed OR kernel-devel-rt-4.12.14-8.6 is installed OR kernel-rt-4.12.14-8.6 is installed OR kernel-rt-base-4.12.14-8.6 is installed OR kernel-rt-devel-4.12.14-8.6 is installed OR kernel-rt_debug-4.12.14-8.6 is installed OR kernel-rt_debug-devel-4.12.14-8.6 is installed OR kernel-source-rt-4.12.14-8.6 is installed OR kernel-syms-rt-4.12.14-8.6 is installed OR ocfs2-kmp-rt-4.12.14-8.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information PackageKit-0.3.14-2.23.126 is installed OR PackageKit-lang-0.3.14-2.23.126 is installed OR hal-0.5.12-23.58.22 is installed OR hal-32bit-0.5.12-23.58.22 is installed OR hal-doc-0.5.12-23.58.21 is installed OR hal-x86-0.5.12-23.58.22 is installed OR libpackagekit-glib10-0.3.14-2.23.126 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND jakarta-commons-httpclient3-3.0.1-253.36.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND apache2-mod_nss-1.0.8-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND w3m-0.5.3.git20161120-160.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND ant-1.9.4-3.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND libexpat-devel-2.1.0-21.12.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_49-default-5-2.1 is installed OR kgraft-patch-3_12_60-52_49-xen-5-2.1 is installed OR kgraft-patch-SLE12_Update_14-5-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libvorbis-1.3.3-10.6 is installed OR libvorbis-doc-1.3.3-10.6 is installed OR libvorbis0-1.3.3-10.6 is installed OR libvorbisenc2-1.3.3-10.6 is installed OR libvorbisfile3-1.3.3-10.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information kgraft-patch-3_12_55-52_45-default-2-2 is installed OR kgraft-patch-3_12_55-52_45-xen-2-2 is installed OR kgraft-patch-SLE12_Update_13-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND a2ps-devel-4.13-1326.37.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND libsndfile-devel-1.0.25-25 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR ImageMagick-devel-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagick++-devel-6.8.8.1-70 is installed OR perl-PerlMagick-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information libuuid-devel-2.25-10.1 is installed OR util-linux-2.25-10.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information freerdp-1.0.2-9.1 is installed OR libfreerdp-1_0-1.0.2-9.1 is installed OR libfreerdp-1_0-plugins-1.0.2-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information gd-2.1.0-20.1 is installed OR gd-32bit-2.1.0-20.1 is installed

BACK