Oval Definition:	oval:org.opensuse.security:def:52995
Revision Date: 2020-12-01 Version: 1 Title: Security update for python-SQLAlchemy (Important) Description: This update for python-SQLAlchemy fixes the following issues: Security issues fixed: - CVE-2019-7164: Fixed SQL Injection via the order_by parameter (bsc#1124593). - CVE-2019-7548: Fixed SQL Injection via the group_by parameter (bsc#1124593). Family: unix Class: patch Status: Reference(s): 1000396 1001299 1001759 1002982 1015379 1094420 1124593 898812 898884 916847 916856 916857 916858 916859 916860 916861 916862 916863 916864 916865 916867 916868 916870 916871 916872 916873 916874 916879 916881 957531 CVE-2007-6746 CVE-2009-0758 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-2244 CVE-2010-3069 CVE-2010-3430 CVE-2010-3431 CVE-2010-3853 CVE-2011-0719 CVE-2011-1002 CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 CVE-2011-2522 CVE-2011-2694 CVE-2011-3148 CVE-2011-3149 CVE-2011-4349 CVE-2012-0817 CVE-2012-0870 CVE-2012-1182 CVE-2012-2111 CVE-2012-2396 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1863 CVE-2013-4124 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6442 CVE-2014-0011 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-2240 CVE-2014-2583 CVE-2014-3248 CVE-2014-3493 CVE-2014-3560 CVE-2014-6277 CVE-2014-6278 CVE-2014-8143 CVE-2014-8240 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-0240 CVE-2015-0255 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7560 CVE-2015-8327 CVE-2015-8467 CVE-2015-8543 CVE-2016-0634 CVE-2016-0771 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2119 CVE-2016-7543 CVE-2016-7867 CVE-2016-7868 CVE-2016-7869 CVE-2016-7870 CVE-2016-7871 CVE-2016-7872 CVE-2016-7873 CVE-2016-7874 CVE-2016-7875 CVE-2016-7876 CVE-2016-7877 CVE-2016-7878 CVE-2016-7879 CVE-2016-7880 CVE-2016-7881 CVE-2016-7890 CVE-2016-7892 CVE-2016-7969 CVE-2016-7970 CVE-2016-7971 CVE-2016-7972 CVE-2019-7164 CVE-2019-7548 SUSE-SU-2015:0455-1 SUSE-SU-2016:0092-1 SUSE-SU-2016:2872-1 SUSE-SU-2016:3107-1 SUSE-SU-2016:3148-1 SUSE-SU-2018:1952-1 SUSE-SU-2019:2253-2 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libKF5Auth5-5.45.0-lp150.2 is installed OR libKF5Auth5-lang-5.45.0-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.0-lp151.2.4 is installed OR MozillaThunderbird-buildsymbols-60.7.0-lp151.2.4 is installed OR MozillaThunderbird-translations-common-60.7.0-lp151.2.4 is installed OR MozillaThunderbird-translations-other-60.7.0-lp151.2.4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libxml2-2.7.6-0.25 is installed OR libxml2-32bit-2.7.6-0.25 is installed OR libxml2-python-2.7.6-0.25 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND cabextract-1.2-2.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information freetype2-2.5.3-5 is installed OR ft2demos-2.5.3-5 is installed OR libfreetype6-2.5.3-5 is installed OR libfreetype6-32bit-2.5.3-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information pam-1.1.8-14 is installed OR pam-32bit-1.1.8-14 is installed OR pam-doc-1.1.8-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information colord-1.3.3-12 is installed OR colord-gtk-lang-0.1.26-6 is installed OR colord-lang-1.3.3-12 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libXvnc1-1.6.0-18.23 is installed OR tigervnc-1.6.0-18.23 is installed OR xorg-x11-Xvnc-1.6.0-18.23 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information python-SQLAlchemy-1.2.14-6.3 is installed OR python2-SQLAlchemy-1.2.14-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.5 is installed OR kernel-azure-base-4.12.14-5.5 is installed OR kernel-azure-devel-4.12.14-5.5 is installed OR kernel-devel-azure-4.12.14-5.5 is installed OR kernel-source-azure-4.12.14-5.5 is installed OR kernel-syms-azure-4.12.14-5.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND cifs-utils-6.4-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.124 is installed OR kernel-default-base-3.12.74-60.64.124 is installed OR kernel-default-devel-3.12.74-60.64.124 is installed OR kernel-default-man-3.12.74-60.64.124 is installed OR kernel-devel-3.12.74-60.64.124 is installed OR kernel-macros-3.12.74-60.64.124 is installed OR kernel-source-3.12.74-60.64.124 is installed OR kernel-syms-3.12.74-60.64.124 is installed OR kernel-xen-3.12.74-60.64.124 is installed OR kernel-xen-base-3.12.74-60.64.124 is installed OR kernel-xen-devel-3.12.74-60.64.124 is installed OR kgraft-patch-3_12_74-60_64_124-default-1-2.3 is installed OR kgraft-patch-3_12_74-60_64_124-xen-1-2.3 is installed OR kgraft-patch-SLE12-SP1_Update_37-1-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ipsec-tools-0.8.0-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information giflib-progs-5.0.5-12 is installed OR libgif6-5.0.5-12 is installed OR libgif6-32bit-5.0.5-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_64-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libcares2-1.9.1-9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information python-keystoneclient-1.7.2-3 is installed OR python-keystoneclient-doc-1.7.2-3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND permissions-2015.09.28.1626-17.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-loofah-2.0.2-3.8 is installed OR rubygem-loofah-2.0.2-3.8 is installed
BACK