OVAL Reference oval:org.opensuse.security:def:52600

Oval Definition:

oval:org.opensuse.security:def:52600

Revision Date:	2020-12-01	Version:	1
Title:	Security update for openldap2 (Moderate)
Description:	This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption (bsc#1143194). - CVE-2019-13057: Fixed an issue with delegated database admin privileges (bsc#1143273). - CVE-2017-17740: When both the nops module and the member of overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. (bsc#1073313) Non-security issues fixed: - Fixed broken shebang line in openldap_update_modules_path.sh (bsc#1114845). - Create files in /var/lib/ldap/ during initial start to allow for transactional updates (bsc#1111388) - Fixed incorrect post script call causing tmpfiles creation not to be run (bsc#1111388).
Family:	unix	Class:	patch
Status:		Reference(s):	1073313 1106191 1111388 1114845 1143194 1143273 897890 900941 901223 908009 914041 922033 CVE-2006-7250 CVE-2008-5077 CVE-2008-5984 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0740 CVE-2010-0742 CVE-2010-0787 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-4341 CVE-2010-5298 CVE-2011-0014 CVE-2011-0421 CVE-2011-1758 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1162 CVE-2012-1163 CVE-2012-1165 CVE-2012-1586 CVE-2012-2110 CVE-2012-2396 CVE-2012-2686 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-0219 CVE-2013-0220 CVE-2013-0287 CVE-2013-4143 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-1568 CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 CVE-2014-1587 CVE-2014-1588 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594 CVE-2014-1595 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2014-8104 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-0295 CVE-2015-0332 CVE-2015-0333 CVE-2015-0334 CVE-2015-0335 CVE-2015-0336 CVE-2015-0337 CVE-2015-0338 CVE-2015-0339 CVE-2015-0340 CVE-2015-0341 CVE-2015-0342 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0848 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-2331 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-7055 CVE-2017-17740 CVE-2017-3731 CVE-2017-3732 CVE-2017-5838 CVE-2018-10938 CVE-2019-13057 CVE-2019-13565 SUSE-SU-2015:0491-1 SUSE-SU-2015:0503-1 SUSE-SU-2018:2964-1 SUSE-SU-2019:2395-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information bzip2-1.0.6-lp150.3 is installed OR libbz2-1-1.0.6-lp150.3 is installed OR libbz2-1-32bit-1.0.6-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.36 is installed OR kernel-debug-base-4.12.14-lp151.28.36 is installed OR kernel-debug-devel-4.12.14-lp151.28.36 is installed OR kernel-default-4.12.14-lp151.28.36 is installed OR kernel-default-base-4.12.14-lp151.28.36 is installed OR kernel-default-devel-4.12.14-lp151.28.36 is installed OR kernel-devel-4.12.14-lp151.28.36 is installed OR kernel-docs-4.12.14-lp151.28.36 is installed OR kernel-docs-html-4.12.14-lp151.28.36 is installed OR kernel-kvmsmall-4.12.14-lp151.28.36 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.36 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.36 is installed OR kernel-macros-4.12.14-lp151.28.36 is installed OR kernel-obs-build-4.12.14-lp151.28.36 is installed OR kernel-obs-qa-4.12.14-lp151.28.36 is installed OR kernel-source-4.12.14-lp151.28.36 is installed OR kernel-source-vanilla-4.12.14-lp151.28.36 is installed OR kernel-syms-4.12.14-lp151.28.36 is installed OR kernel-vanilla-4.12.14-lp151.28.36 is installed OR kernel-vanilla-base-4.12.14-lp151.28.36 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.36 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXv-7.4-1.16 is installed OR xorg-x11-libXv-32bit-7.4-1.16 is installed OR xorg-x11-libXv-devel-7.4-1.16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information kde4-kgreeter-plugins-4.3.5-0.12.18 is installed OR kdebase4-wallpapers-4.3.5-0.11.18 is installed OR kdebase4-workspace-4.3.5-0.12.18 is installed OR kdebase4-workspace-ksysguardd-4.3.5-0.12.18 is installed OR kdm-4.3.5-0.12.18 is installed OR kwin-4.3.5-0.12.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.521-0.17 is installed OR flash-player-gnome-11.2.202.521-0.17 is installed OR flash-player-kde4-11.2.202.521-0.17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information dia-0.97.2-13 is installed OR dia-lang-0.97.2-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libQt5Core5-5.3.2-1 is installed OR libQt5DBus5-5.3.2-1 is installed OR libQt5Gui5-5.3.2-1 is installed OR libQt5Widgets5-5.3.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND libzip2-0.11.1-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gstreamer-1.8.3-9 is installed OR gstreamer-lang-1.8.3-9 is installed OR gstreamer-utils-1.8.3-9 is installed OR libgstreamer-1_0-0-1.8.3-9 is installed OR libgstreamer-1_0-0-32bit-1.8.3-9 is installed OR typelib-1_0-Gst-1_0-1.8.3-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND cifs-utils-6.5-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information openldap2-2.4.46-9.19 is installed OR openldap2-back-meta-2.4.46-9.19 is installed OR openldap2-back-perl-2.4.46-9.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_16-default-2-2 is installed OR kernel-livepatch-SLE15_Update_4-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND syslog-service-2.0-778 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed OR MozillaFirefox-translations-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND kbd-1.15.5-8.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information qemu-2.6.2-41.43 is installed OR qemu-block-curl-2.6.2-41.43 is installed OR qemu-block-rbd-2.6.2-41.43 is installed OR qemu-block-ssh-2.6.2-41.43 is installed OR qemu-guest-agent-2.6.2-41.43 is installed OR qemu-ipxe-1.0.0-41.43 is installed OR qemu-kvm-2.6.2-41.43 is installed OR qemu-lang-2.6.2-41.43 is installed OR qemu-seabios-1.9.1-41.43 is installed OR qemu-sgabios-8-41.43 is installed OR qemu-tools-2.6.2-41.43 is installed OR qemu-vgabios-1.9.1-41.43 is installed OR qemu-x86-2.6.2-41.43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information perl-5.18.2-12.14 is installed OR perl-32bit-5.18.2-12.14 is installed OR perl-base-5.18.2-12.14 is installed OR perl-doc-5.18.2-12.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND clamav-0.99.2-32 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND permissions-2015.09.28.1626-17.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND mailman-2.1.17-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libblkid1-2.29.2-3.12 is installed OR libblkid1-32bit-2.29.2-3.12 is installed OR libfdisk1-2.29.2-3.12 is installed OR libmount1-2.29.2-3.12 is installed OR libmount1-32bit-2.29.2-3.12 is installed OR libsmartcols1-2.29.2-3.12 is installed OR libuuid1-2.29.2-3.12 is installed OR libuuid1-32bit-2.29.2-3.12 is installed OR python-libmount-2.29.2-3.12 is installed OR util-linux-2.29.2-3.12 is installed OR util-linux-lang-2.29.2-3.12 is installed OR util-linux-systemd-2.29.2-3.12 is installed OR uuidd-2.29.2-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information qemu-2.6.2-41.55 is installed OR qemu-block-curl-2.6.2-41.55 is installed OR qemu-block-rbd-2.6.2-41.55 is installed OR qemu-block-ssh-2.6.2-41.55 is installed OR qemu-guest-agent-2.6.2-41.55 is installed OR qemu-ipxe-1.0.0-41.55 is installed OR qemu-kvm-2.6.2-41.55 is installed OR qemu-lang-2.6.2-41.55 is installed OR qemu-s390-2.6.2-41.55 is installed OR qemu-seabios-1.9.1-41.55 is installed OR qemu-sgabios-8-41.55 is installed OR qemu-tools-2.6.2-41.55 is installed OR qemu-vgabios-1.9.1-41.55 is installed OR qemu-x86-2.6.2-41.55 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND squid-3.5.21-26.17 is installed

BACK