OVAL Reference oval:org.opensuse.security:def:53198

Oval Definition:

oval:org.opensuse.security:def:53198

Revision Date:	2020-12-01	Version:	1
Title:	Security update for freeradius-server (Important)
Description:	This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficent validation of elliptic curve points (bsc#1132549). - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privous values back to the server (bsc#1132664).
Family:	unix	Class:	patch
Status:		Reference(s):	1002991 1034849 1128858 1129271 1129392 1132160 1132549 1132664 1132690 1134190 1134428 1135222 1136020 1136081 1138316 1140492 906574 919938 924960 933288 933878 936227 938913 942865 957566 957567 957598 957600 960837 964844 970072 970073 971741 972127 CVE-2008-0928 CVE-2008-1945 CVE-2008-2382 CVE-2008-4539 CVE-2010-0624 CVE-2011-2895 CVE-2011-4182 CVE-2012-3515 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4242 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-6399 CVE-2013-6462 CVE-2014-0004 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3591 CVE-2014-3640 CVE-2014-7202 CVE-2014-7203 CVE-2014-7840 CVE-2014-8106 CVE-2014-8964 CVE-2014-9092 CVE-2014-9112 CVE-2014-9721 CVE-2015-0294 CVE-2015-0837 CVE-2015-1779 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3209 CVE-2015-3210 CVE-2015-3217 CVE-2015-3456 CVE-2015-4000 CVE-2015-4037 CVE-2015-5073 CVE-2015-5154 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7511 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1283 CVE-2016-1285 CVE-2016-1286 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2037 CVE-2016-2198 CVE-2016-3191 CVE-2016-3710 CVE-2016-3712 CVE-2016-4002 CVE-2016-4020 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4952 CVE-2016-4964 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6313 CVE-2016-6351 CVE-2016-6490 CVE-2016-6833 CVE-2016-6836 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7156 CVE-2016-7157 CVE-2016-7942 CVE-2017-15232 CVE-2017-3289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2019-11068 CVE-2019-11234 CVE-2019-11235 CVE-2019-5419 SUSE-SU-2015:0735-1 SUSE-SU-2016:0344-1 SUSE-SU-2016:0759-1 SUSE-SU-2016:2971-1 SUSE-SU-2016:3001-1 SUSE-SU-2017:1400-1 SUSE-SU-2019:1086-1 SUSE-SU-2019:1973-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information MozillaThunderbird-52.7-lp150.2 is installed OR MozillaThunderbird-translations-common-52.7-lp150.2 is installed OR MozillaThunderbird-translations-other-52.7-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libtomcrypt-1.17-lp151.3.3 is installed OR libtomcrypt-devel-1.17-lp151.3.3 is installed OR libtomcrypt-examples-1.17-lp151.3.3 is installed OR libtomcrypt0-1.17-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-Xvnc-7.4-27.70.76 is installed OR xorg-x11-server-7.4-27.70.76 is installed OR xorg-x11-server-extra-7.4-27.70.76 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-38.2.1esr-19 is installed OR MozillaFirefox-branding-SLED-31.0-0.12 is installed OR MozillaFirefox-translations-38.2.1esr-19 is installed OR libfreebl3-3.19.2.0-0.16 is installed OR libfreebl3-32bit-3.19.2.0-0.16 is installed OR libsoftokn3-3.19.2.0-0.16 is installed OR libsoftokn3-32bit-3.19.2.0-0.16 is installed OR mozilla-nss-3.19.2.0-0.16 is installed OR mozilla-nss-32bit-3.19.2.0-0.16 is installed OR mozilla-nss-tools-3.19.2.0-0.16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.491-0.11 is installed OR flash-player-gnome-11.2.202.491-0.11 is installed OR flash-player-kde4-11.2.202.491-0.11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gnutls-3.2.15-7 is installed OR libgnutls28-3.2.15-7 is installed OR libgnutls28-32bit-3.2.15-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information bind-9.9.6P1-38 is installed OR bind-libs-9.9.6P1-38 is installed OR bind-libs-32bit-9.9.6P1-38 is installed OR bind-utils-9.9.6P1-38 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libgcrypt20-1.6.1-16.33 is installed OR libgcrypt20-32bit-1.6.1-16.33 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libjpeg-turbo-1.5.3-31.7 is installed OR libjpeg62-62.2.0-31.7 is installed OR libjpeg62-32bit-62.2.0-31.7 is installed OR libjpeg62-turbo-1.5.3-31.7 is installed OR libjpeg8-8.1.2-31.7 is installed OR libjpeg8-32bit-8.1.2-31.7 is installed OR libturbojpeg0-8.1.2-31.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information freeradius-server-3.0.16-3.3 is installed OR freeradius-server-devel-3.0.16-3.3 is installed OR freeradius-server-krb5-3.0.16-3.3 is installed OR freeradius-server-ldap-3.0.16-3.3 is installed OR freeradius-server-libs-3.0.16-3.3 is installed OR freeradius-server-mysql-3.0.16-3.3 is installed OR freeradius-server-perl-3.0.16-3.3 is installed OR freeradius-server-postgresql-3.0.16-3.3 is installed OR freeradius-server-python-3.0.16-3.3 is installed OR freeradius-server-sqlite-3.0.16-3.3 is installed OR freeradius-server-utils-3.0.16-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information rmt-server-2.3.1-3.3 is installed OR rmt-server-config-2.3.1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_57-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_57-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_20-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gnome-settings-daemon-3.20.1-40 is installed OR gnome-settings-daemon-lang-3.20.1-40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information curl-7.37.0-37.23 is installed OR libcurl4-7.37.0-37.23 is installed OR libcurl4-32bit-7.37.0-37.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython2_7-1_0-2.7.13-28.8 is installed OR libpython2_7-1_0-32bit-2.7.13-28.8 is installed OR python-2.7.13-28.8 is installed OR python-32bit-2.7.13-28.8 is installed OR python-base-2.7.13-28.8 is installed OR python-base-32bit-2.7.13-28.8 is installed OR python-curses-2.7.13-28.8 is installed OR python-demo-2.7.13-28.8 is installed OR python-doc-2.7.13-28.8 is installed OR python-doc-pdf-2.7.13-28.8 is installed OR python-gdbm-2.7.13-28.8 is installed OR python-idle-2.7.13-28.8 is installed OR python-tk-2.7.13-28.8 is installed OR python-xml-2.7.13-28.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cpio-2.11-36.3 is installed OR cpio-lang-2.11-36.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-sprockets-2_11-2.11.3-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information apache2-2.4.23-29.18 is installed OR apache2-doc-2.4.23-29.18 is installed OR apache2-example-pages-2.4.23-29.18 is installed OR apache2-prefork-2.4.23-29.18 is installed OR apache2-utils-2.4.23-29.18 is installed OR apache2-worker-2.4.23-29.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.17 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information dnsmasq-2.78-18.12 is installed OR dnsmasq-utils-2.78-18.12 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-cryptography-2.0.3-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13 is installed OR grafana-6.2.5-3.9 is installed OR openstack-cinder-13.0.8~dev8-3.13 is installed OR openstack-cinder-api-13.0.8~dev8-3.13 is installed OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed OR openstack-dashboard-14.0.5~dev1-3.9 is installed OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR openstack-keystone-14.1.1~dev26-3.13 is installed OR openstack-manila-7.3.1~dev15-4.13 is installed OR openstack-manila-api-7.3.1~dev15-4.13 is installed OR openstack-manila-data-7.3.1~dev15-4.13 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed OR openstack-manila-share-7.3.1~dev15-4.13 is installed OR openstack-neutron-13.0.6~dev3-3.13 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-server-13.0.6~dev3-3.13 is installed OR openstack-nova-18.2.4~dev18-3.13 is installed OR openstack-nova-api-18.2.4~dev18-3.13 is installed OR openstack-nova-cells-18.2.4~dev18-3.13 is installed OR openstack-nova-compute-18.2.4~dev18-3.13 is installed OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed OR openstack-nova-console-18.2.4~dev18-3.13 is installed OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed OR openstack-octavia-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-image-0.1.1-7.3 is installed OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed OR openstack-octavia-api-3.2.1~dev1-3.13 is installed OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed OR python-Django1-1.11.24-3.12 is installed OR python-cinder-13.0.8~dev8-3.13 is installed OR python-horizon-14.0.5~dev1-3.9 is installed OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR python-keystone-14.1.1~dev26-3.13 is installed OR python-keystonemiddleware-5.2.1-11 is installed OR python-manila-7.3.1~dev15-4.13 is installed OR python-neutron-13.0.6~dev3-3.13 is installed OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed OR python-nova-18.2.4~dev18-3.13 is installed OR python-octavia-3.2.1~dev1-3.13 is installed OR python-octaviaclient-1.6.1-3.3 is installed OR python-openstack_auth-14.0.5~dev1-3.9 is installed OR python-os-brick-2.5.8-3.6 is installed OR python-os-brick-common-2.5.8-3.6 is installed OR python-oslo.cache-1.30.4-3.3 is installed OR python-oslo.messaging-8.1.4-3.3 is installed

BACK