Oval Definition:oval:org.opensuse.security:def:52989
Revision Date:2020-12-01Version:1
Title:Security update for LibVNCServer (Important)
Description:

This update for LibVNCServer fixes the following issues:

Security issues fixed:

- CVE-2018-15126: Fixed use-after-free in file transfer extension (bsc#1120114) - CVE-2018-6307: Fixed use-after-free in file transfer extension server code (bsc#1120115) - CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC client code (bsc#1120116) - CVE-2018-15127: Fixed heap out-of-bounds write in rfbserver.c (bsc#1120117) - CVE-2018-20019: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1120118) - CVE-2018-20023: Fixed information disclosure through improper initialization in VNC Repeater client code (bsc#1120119) - CVE-2018-20022: Fixed information disclosure through improper initialization in VNC client code (bsc#1120120) - CVE-2018-20024: Fixed NULL pointer dereference in VNC client code (bsc#1120121) - CVE-2018-20021: Fixed infinite loop in VNC client code (bsc#1120122)
Family:unixClass:patch
Status:Reference(s):1002998
1008831
1011685
1012754
1120114
1120115
1120116
1120117
1120118
1120119
1120120
1120121
1120122
1172524
915810
930361
930362
960996
962743
974657
CVE-2009-0159
CVE-2009-1252
CVE-2011-4182
CVE-2012-2737
CVE-2013-1986
CVE-2013-2001
CVE-2013-2064
CVE-2013-5211
CVE-2014-0172
CVE-2014-8484
CVE-2014-8485
CVE-2014-8501
CVE-2014-8502
CVE-2014-8503
CVE-2014-8504
CVE-2014-8737
CVE-2014-8738
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
CVE-2014-9297
CVE-2014-9298
CVE-2014-9447
CVE-2014-9720
CVE-2015-0255
CVE-2015-1798
CVE-2015-1799
CVE-2015-3405
CVE-2015-7575
CVE-2015-7691
CVE-2015-7692
CVE-2015-7701
CVE-2015-7702
CVE-2015-7703
CVE-2015-7704
CVE-2015-7705
CVE-2015-7848
CVE-2015-7849
CVE-2015-7850
CVE-2015-7851
CVE-2015-7852
CVE-2015-7853
CVE-2015-7854
CVE-2015-7855
CVE-2015-7871
CVE-2015-8126
CVE-2016-0402
CVE-2016-0448
CVE-2016-0466
CVE-2016-0475
CVE-2016-0483
CVE-2016-0494
CVE-2016-6153
CVE-2016-7945
CVE-2016-7946
CVE-2016-7947
CVE-2016-7948
CVE-2016-8632
CVE-2016-8655
CVE-2016-9555
CVE-2018-15126
CVE-2018-15127
CVE-2018-20019
CVE-2018-20020
CVE-2018-20021
CVE-2018-20022
CVE-2018-20023
CVE-2018-20024
CVE-2018-6307
CVE-2020-12861
CVE-2020-12862
CVE-2020-12863
CVE-2020-12864
CVE-2020-12865
CVE-2020-12866
CVE-2020-12867
SUSE-SU-2015:0401-1
SUSE-SU-2016:0256-1
SUSE-SU-2016:1195-1
SUSE-SU-2016:3039-1
SUSE-SU-2016:3047-1
SUSE-SU-2019:0080-1
SUSE-SU-2020:3065-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND lftp-4.8.3-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • neovim-0.3.5-lp151.2.3 is installed
  • OR neovim-lang-0.3.5-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libproxy0-0.3.1-2.6 is installed
  • OR libproxy0-32bit-0.3.1-2.6 is installed
  • OR libproxy0-config-gnome-0.3.1-2.6 is installed
  • OR libproxy0-config-gnome-32bit-0.3.1-2.6 is installed
  • OR libproxy0-config-kde4-0.3.1-2.6 is installed
  • OR libproxy0-networkmanager-0.3.1-2.6 is installed
  • OR libproxy0-networkmanager-32bit-0.3.1-2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-libs-9.9.4P2-0.6 is installed
  • OR bind-libs-32bit-9.9.4P2-0.6 is installed
  • OR bind-utils-9.9.4P2-0.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • xorg-x11-server-7.6_1.15.2-21 is installed
  • OR xorg-x11-server-extra-7.6_1.15.2-21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • ntp-4.2.8p4-1 is installed
  • OR ntp-doc-4.2.8p4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libXrandr2-1.5.0-6 is installed
  • OR libXrandr2-32bit-1.5.0-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.3 is installed
  • OR libvncserver0-0.9.10-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND Package Information
  • sane-backends-1.0.31-6.3 is installed
  • OR sane-backends-32bit-1.0.31-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • avahi-0.6.31-20 is installed
  • OR avahi-lang-0.6.31-20 is installed
  • OR avahi-utils-0.6.31-20 is installed
  • OR libavahi-client3-0.6.31-20 is installed
  • OR libavahi-client3-32bit-0.6.31-20 is installed
  • OR libavahi-common3-0.6.31-20 is installed
  • OR libavahi-common3-32bit-0.6.31-20 is installed
  • OR libavahi-core7-0.6.31-20 is installed
  • OR libdns_sd-0.6.31-20 is installed
  • OR libdns_sd-32bit-0.6.31-20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_118-default-3-2 is installed
  • OR kgraft-patch-3_12_74-60_64_118-xen-3-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_35-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gvim-7.4.326-2 is installed
  • OR vim-7.4.326-2 is installed
  • OR vim-data-7.4.326-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • fuse-2.9.3-5 is installed
  • OR libfuse2-2.9.3-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_57-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND shadow-4.2.1-27.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-trove-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-api-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-conductor-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-guestagent-4.0.1~a0~dev2-2 is installed
  • OR openstack-trove-taskmanager-4.0.1~a0~dev2-2 is installed
  • OR python-trove-4.0.1~a0~dev2-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-cryptography-2.0.3-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Django1-1.11.20-3.6 is installed
    • BACK