Oval Definition:oval:org.opensuse.security:def:53186
Revision Date:2020-12-01Version:1
Title:Security update for spice-gtk (Important)
Description:

This update for spice-gtk fixes the following issues:

Security issues fixed:

- CVE-2018-10873: Fix potential heap corruption when demarshalling (bsc#1104448) - CVE-2018-10893: Avoid buffer overflow on image lz checks (bsc#1101295)

Other bugs fixed:

- Add setuid bit to spice-client-glib-usb-acl-helper (bsc#1101420)
Family:unixClass:patch
Status:Reference(s):1000345
1000346
1001151
1002116
1002549
1002550
1002557
1003612
1003613
1003878
1003893
1003894
1004702
1004706
1004707
1005353
1005374
1006536
1006538
1007263
1007391
1007493
1007494
1007495
1007769
1008148
1013285
1014109
1014111
1014702
1015048
1015169
1016779
1020491
1020589
1020928
1021129
1022541
1023004
1023053
1023907
1024972
1081516
1101295
1101420
1102604
1104448
1104662
1106420
1108086
1108395
1112182
1117058
1118952
1120813
1123642
1124667
1125665
1126325
1127458
1130129
898675
903997
904242
909309
909477
909684
910517
913080
914818
915200
915660
917830
918584
918615
918620
918644
919463
919719
919939
920615
920805
920839
921313
921527
921990
922272
922275
922278
922284
924460
937125
951166
962189
967087
983582
984751
985177
985348
989523
991069
998516
CVE-2009-0758
CVE-2010-2244
CVE-2011-1002
CVE-2011-1006
CVE-2011-1022
CVE-2012-2369
CVE-2012-4425
CVE-2014-0139
CVE-2015-0777
CVE-2015-2150
CVE-2015-8704
CVE-2015-8833
CVE-2016-0772
CVE-2016-1000110
CVE-2016-10155
CVE-2016-1521
CVE-2016-1523
CVE-2016-1523
CVE-2016-1526
CVE-2016-5104
CVE-2016-5636
CVE-2016-5699
CVE-2016-7161
CVE-2016-7170
CVE-2016-7422
CVE-2016-7466
CVE-2016-7907
CVE-2016-7908
CVE-2016-7909
CVE-2016-7994
CVE-2016-7995
CVE-2016-8576
CVE-2016-8577
CVE-2016-8578
CVE-2016-8667
CVE-2016-8668
CVE-2016-8669
CVE-2016-8909
CVE-2016-8910
CVE-2016-9101
CVE-2016-9104
CVE-2016-9105
CVE-2016-9106
CVE-2016-9776
CVE-2016-9907
CVE-2016-9911
CVE-2016-9921
CVE-2016-9922
CVE-2017-2615
CVE-2017-2620
CVE-2017-5436
CVE-2017-5525
CVE-2017-5526
CVE-2017-5667
CVE-2017-5856
CVE-2017-5898
CVE-2018-10195
CVE-2018-10873
CVE-2018-10893
CVE-2018-7999
CVE-2019-3840
SUSE-SU-2015:0658-1
SUSE-SU-2016:0180-1
SUSE-SU-2016:0554-1
SUSE-SU-2016:2859-1
SUSE-SU-2016:2879-1
SUSE-SU-2017:1241-1
SUSE-SU-2018:2709-1
SUSE-SU-2019:0936-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libSDL2-2_0-0-2.0.8-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-68.2.1-lp151.2.16 is installed
  • OR MozillaThunderbird-translations-common-68.2.1-lp151.2.16 is installed
  • OR MozillaThunderbird-translations-other-68.2.1-lp151.2.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND telepathy-gabble-0.7.10-2.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-24.4.0esr-0.8 is installed
  • OR MozillaFirefox-branding-SLED-24-0.7 is installed
  • OR MozillaFirefox-translations-24.4.0esr-0.8 is installed
  • OR mozilla-nspr-4.10.4-0.3 is installed
  • OR mozilla-nspr-32bit-4.10.4-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • compat-openssl097g-0.9.7g-146.22.36 is installed
  • OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • kernel-default-3.12.39-47 is installed
  • OR kernel-default-devel-3.12.39-47 is installed
  • OR kernel-default-extra-3.12.39-47 is installed
  • OR kernel-devel-3.12.39-47 is installed
  • OR kernel-macros-3.12.39-47 is installed
  • OR kernel-source-3.12.39-47 is installed
  • OR kernel-syms-3.12.39-47 is installed
  • OR kernel-xen-3.12.39-47 is installed
  • OR kernel-xen-devel-3.12.39-47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-38.6.1esr-60 is installed
  • OR MozillaFirefox-translations-38.6.1esr-60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND libcgroup1-0.41.rc1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libgraphite2-3-1.3.1-10.3 is installed
  • OR libgraphite2-3-32bit-1.3.1-10.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • spice-gtk-0.34-3.3 is installed
  • OR spice-gtk-devel-0.34-3.3 is installed
  • OR typelib-1_0-SpiceClientGlib-2_0-0.34-3.3 is installed
  • OR typelib-1_0-SpiceClientGtk-3_0-0.34-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cups-1.7.5-9 is installed
  • OR cups-client-1.7.5-9 is installed
  • OR cups-libs-1.7.5-9 is installed
  • OR cups-libs-32bit-1.7.5-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_69-default-2-2 is installed
  • OR kgraft-patch-3_12_74-60_64_69-xen-2-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_24-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ft2demos-2.6.3-7.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • openssh-7.2p2-74.30 is installed
  • OR openssh-askpass-gnome-7.2p2-74.30 is installed
  • OR openssh-fips-7.2p2-74.30 is installed
  • OR openssh-helpers-7.2p2-74.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_38-default-12-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_13-12-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND clamav-0.100.3-33.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ceph-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR ceph-common-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR libcephfs2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR librados2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR libradosstriper1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR librbd1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR librgw2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR python-cephfs-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR python-rados-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR python-rbd-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
  • OR python-rgw-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bind-9.11.2-1 is installed
  • OR bind-chrootenv-9.11.2-1 is installed
  • OR bind-doc-9.11.2-1 is installed
  • OR bind-utils-9.11.2-1 is installed
  • OR libbind9-160-9.11.2-1 is installed
  • OR libdns169-9.11.2-1 is installed
  • OR libirs160-9.11.2-1 is installed
  • OR libisc166-9.11.2-1 is installed
  • OR libisc166-32bit-9.11.2-1 is installed
  • OR libisccc160-9.11.2-1 is installed
  • OR libisccfg160-9.11.2-1 is installed
  • OR liblwres160-9.11.2-1 is installed
  • OR python-bind-9.11.2-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-actionview-4_2-4.2.2-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND Package Information
  • containerd-1.2.6-16.23 is installed
  • OR docker-19.03.1_ce-98.46 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25 is installed
  • OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND sudo-1.8.20p2-3.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.25-3.19 is installed
  • OR mariadb-galera-10.2.25-3.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • dnsmasq-2.78-18.6 is installed
  • OR dnsmasq-utils-2.78-18.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • BACK