Oval Definition:	oval:org.opensuse.security:def:53298
Revision Date: 2020-12-01 Version: 1 Title: Security update for squid (Important) Description: This update for squid to version 4.11 fixes the following issues: - CVE-2020-11945: Fixed a potential remote code execution vulnerability when using HTTP Digest Authentication (bsc#1170313). - CVE-2019-12519, CVE-2019-12521: Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659). - CVE-2020-8517: Fixed a possible denial of service caused by incorrect buffer management ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691). - CVE-2019-12528: Fixed possible information disclosure when translating FTP server listings into HTTP responses (bsc#1162689). - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi (bsc#1167373). Family: unix Class: patch Status: Reference(s): 1019129 1027519 1051222 1055695 1056278 1056280 1056281 1056282 1057389 1162689 1162691 1167373 1169659 1170313 1174052 1175070 1175071 1175074 907074 935158 941500 962189 CVE-2009-0758 CVE-2009-2625 CVE-2009-3560 CVE-2009-3720 CVE-2009-4029 CVE-2010-2244 CVE-2010-2761 CVE-2010-4410 CVE-2010-4411 CVE-2010-4777 CVE-2011-1002 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2012-6702 CVE-2013-2063 CVE-2013-4143 CVE-2014-9087 CVE-2015-1283 CVE-2015-1782 CVE-2015-3813 CVE-2015-6241 CVE-2015-6242 CVE-2015-6243 CVE-2015-6244 CVE-2015-6245 CVE-2015-6246 CVE-2015-6247 CVE-2015-6248 CVE-2015-6249 CVE-2015-8704 CVE-2015-8853 CVE-2016-0718 CVE-2016-0787 CVE-2016-1238 CVE-2016-2381 CVE-2016-5300 CVE-2016-6185 CVE-2016-7951 CVE-2016-7952 CVE-2017-1000251 CVE-2017-11185 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 CVE-2017-2925 CVE-2017-2926 CVE-2017-2927 CVE-2017-2928 CVE-2017-2930 CVE-2017-2931 CVE-2017-2932 CVE-2017-2933 CVE-2017-2934 CVE-2017-2935 CVE-2017-2936 CVE-2017-2937 CVE-2017-2938 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-18860 CVE-2020-11945 CVE-2020-11984 CVE-2020-11993 CVE-2020-8517 CVE-2020-9490 SUSE-SU-2015:1713-1 SUSE-SU-2016:0174-1 SUSE-SU-2017:0108-1 SUSE-SU-2017:2143-1 SUSE-SU-2017:2519-1 SUSE-SU-2017:2521-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:2311-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gdk-pixbuf-lang-2.36.11-lp150.3 is installed OR gdk-pixbuf-query-loaders-2.36.11-lp150.3 is installed OR gdk-pixbuf-thumbnailer-2.36.11-lp150.3 is installed OR libgdk_pixbuf-2_0-0-2.36.11-lp150.3 is installed OR typelib-1_0-GdkPixbuf-2_0-2.36.11-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-74.0.3729.157-lp151.2.3 is installed OR chromium-74.0.3729.157-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.7esr-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.7esr-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information java-1_7_0-openjdk-1.7.0.71-0.7 is installed OR java-1_7_0-openjdk-demo-1.7.0.71-0.7 is installed OR java-1_7_0-openjdk-devel-1.7.0.71-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information curl-7.19.7-1.46 is installed OR libcurl4-7.19.7-1.46 is installed OR libcurl4-32bit-7.19.7-1.46 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libksba-1.3.0-9 is installed OR libksba8-1.3.0-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information bind-9.9.6P1-35 is installed OR bind-libs-9.9.6P1-35 is installed OR bind-libs-32bit-9.9.6P1-35 is installed OR bind-utils-9.9.6P1-35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information perl-5.18.2-11 is installed OR perl-32bit-5.18.2-11 is installed OR perl-base-5.18.2-11 is installed OR perl-doc-5.18.2-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND squid-4.11-5.17 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information apache2-2.4.43-3.5 is installed OR apache2-devel-2.4.43-3.5 is installed OR apache2-doc-2.4.43-3.5 is installed OR apache2-worker-2.4.43-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_48-default-7-2 is installed OR kgraft-patch-3_12_74-60_64_48-xen-7-2 is installed OR kgraft-patch-SLE12-SP1_Update_17-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libnghttp2-14-1.7.1-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.125 is installed OR kernel-default-base-4.4.121-92.125 is installed OR kernel-default-devel-4.4.121-92.125 is installed OR kernel-devel-4.4.121-92.125 is installed OR kernel-macros-4.4.121-92.125 is installed OR kernel-source-4.4.121-92.125 is installed OR kernel-syms-4.4.121-92.125 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_85-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_23-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information gstreamer-0_10-plugins-base-0.10.36-18.3 is installed OR gstreamer-0_10-plugins-base-32bit-0.10.36-18.3 is installed OR libgstapp-0_10-0-32bit-0.10.36-18.3 is installed OR libgstinterfaces-0_10-0-32bit-0.10.36-18.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND gdb-8.3.1-2.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ceph-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR ceph-common-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR libcephfs2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librados2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR libradosstriper1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librbd1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librgw2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-cephfs-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rados-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rbd-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rgw-12.2.7+git.1531910353.c0ef85b854-2.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed OR python-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-devel-60.2.2esr-109.46 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR apache2-mod_nss-1.0.14-19.6 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libfreebl3-hmac-3.36.4-58.15 is installed OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR libsoftokn3-hmac-3.36.4-58.15 is installed OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.25-3.19 is installed OR mariadb-galera-10.2.25-3.19 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed
BACK