OVAL Reference oval:org.opensuse.security:def:53203

Oval Definition:

oval:org.opensuse.security:def:53203

Revision Date:	2020-12-01	Version:	1
Title:	Security update for openssh (Important)
Description:	This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions (bsc#1121571) - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate terminal output via the object name, e.g. by inserting ANSI escape sequences (bsc#1121816) - CVE-2019-6110: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate stderr output, e.g. by inserting ANSI escape sequences (bsc#1121818) - CVE-2019-6111: Fixed an issue where the scp client would allow malicious remote SSH servers to execute directory traversal attacks and overwrite files (bsc#1121821)
Family:	unix	Class:	patch
Status:		Reference(s):	1008831 1011283 1011284 1011285 1011286 1011287 1011288 1011289 1011290 1011291 1011292 1011293 1011685 1012021 1012022 1012023 1012024 1012025 1012026 1012027 1012028 1012029 1012030 1012031 1012032 1012754 1013669 1083689 1092187 1099465 1105606 1108674 1109609 1120189 1121571 1121816 1121818 1121821 1132385 1144797 907268 939342 963017 966435 966436 991201 CVE-2007-4772 CVE-2009-0163 CVE-2009-2820 CVE-2009-3553 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2941 CVE-2011-0523 CVE-2011-0524 CVE-2011-1000 CVE-2011-1097 CVE-2012-5519 CVE-2012-6094 CVE-2013-1431 CVE-2013-1986 CVE-2014-1545 CVE-2014-2855 CVE-2014-2856 CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2014-8242 CVE-2014-9512 CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 CVE-2015-1545 CVE-2015-1546 CVE-2015-3228 CVE-2015-5191 CVE-2015-6908 CVE-2015-7183 CVE-2016-0766 CVE-2016-0773 CVE-2016-5416 CVE-2016-7947 CVE-2016-7948 CVE-2016-8632 CVE-2016-8655 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9555 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2016-9811 CVE-2017-9287 CVE-2018-1054 CVE-2018-10871 CVE-2018-1089 CVE-2018-10935 CVE-2018-14638 CVE-2018-14648 CVE-2018-20685 CVE-2019-3883 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 SUSE-SU-2016:0539-1 SUSE-SU-2016:0884-1 SUSE-SU-2016:3049-1 SUSE-SU-2016:3053-1 SUSE-SU-2017:0189-1 SUSE-SU-2019:0126-1 SUSE-SU-2019:2155-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information accountsservice-0.6.45-lp150.2 is installed OR accountsservice-lang-0.6.45-lp150.2 is installed OR libaccountsservice0-0.6.45-lp150.2 is installed OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information ghostscript-9.27-lp151.3.9 is installed OR ghostscript-devel-9.27-lp151.3.9 is installed OR ghostscript-mini-9.27-lp151.3.9 is installed OR ghostscript-mini-devel-9.27-lp151.3.9 is installed OR ghostscript-x11-9.27-lp151.3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXp-7.4-1.18 is installed OR xorg-x11-libXp-32bit-7.4-1.18 is installed OR xorg-x11-libXp-devel-7.4-1.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.508-0.14 is installed OR flash-player-gnome-11.2.202.508-0.14 is installed OR flash-player-kde4-11.2.202.508-0.14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.548-0.26 is installed OR flash-player-gnome-11.2.202.548-0.26 is installed OR flash-player-kde4-11.2.202.548-0.26 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information xorg-x11-server-7.6_1.15.2-17 is installed OR xorg-x11-server-extra-7.6_1.15.2-17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ghostscript-9.15-6 is installed OR ghostscript-x11-9.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND libgypsy0-0.9-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cups-1.7.5-19 is installed OR cups-client-1.7.5-19 is installed OR cups-libs-1.7.5-19 is installed OR cups-libs-32bit-1.7.5-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libldap-2_4-2-2.4.41-18.40 is installed OR libldap-2_4-2-32bit-2.4.41-18.40 is installed OR openldap2-client-2.4.41-18.40 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openssh-7.6p1-9.13 is installed OR openssh-fips-7.6p1-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information 389-ds-1.4.0.26~git0.8a2d3de6f-4.14 is installed OR 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information automake-1.13.4-4 is installed OR m4-1.4.16-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_54-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_54-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information groff-1.22.2-5 is installed OR groff-full-1.22.2-5 is installed OR gxditview-1.22.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information bash-4.3-83.10 is installed OR bash-doc-4.3-83.10 is installed OR libreadline6-6.3-83.10 is installed OR libreadline6-32bit-6.3-83.10 is installed OR readline-doc-6.3-83.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information icu-52.1-8.7 is installed OR libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_92-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND python-suds-jurko-0.6-4 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information dnsmasq-2.78-18.6 is installed OR dnsmasq-utils-2.78-18.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rack-1.6.11-3.3 is installed OR rubygem-rack-1.6.11-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-requests-2.20.1-4.3 is installed

BACK