OVAL Reference oval:org.opensuse.security:def:53390

Oval Definition:

oval:org.opensuse.security:def:53390

Revision Date:	2020-12-01	Version:	1
Title:	Security update for php7 (Moderate)
Description:	This update for php7 fixes the following issues: - CVE-2018-12882: exif_read_from_impl allowed attackers to trigger a use-after-free (in exif_read_from_file) because it closed a stream that it is not responsible for closing (bsc#1099098).
Family:	unix	Class:	patch
Status:		Reference(s):	1000677 1001912 1002998 1009528 1013669 1019637 1021616 1021627 1021641 1022085 1022086 1022271 1024232 1024244 1024992 1024993 1025505 1025507 1026723 1026725 1026922 1027108 1027376 1028301 1099098 1165528 1169658 929414 929690 941794 970072 970073 CVE-2011-1145 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2013-2492 CVE-2013-4143 CVE-2014-0139 CVE-2015-0797 CVE-2015-1782 CVE-2015-3622 CVE-2015-4041 CVE-2015-4042 CVE-2015-6251 CVE-2016-0787 CVE-2016-10163 CVE-2016-10214 CVE-2016-1285 CVE-2016-1286 CVE-2016-7055 CVE-2016-7945 CVE-2016-7946 CVE-2016-9445 CVE-2016-9446 CVE-2016-9447 CVE-2016-9809 CVE-2016-9811 CVE-2017-3731 CVE-2017-3732 CVE-2017-5580 CVE-2017-5937 CVE-2017-5956 CVE-2017-5957 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355 CVE-2017-6369 CVE-2017-6386 CVE-2017-6508 CVE-2018-12882 CVE-2020-10018 CVE-2020-11793 SUSE-SU-2015:1518-1 SUSE-SU-2016:0780-1 SUSE-SU-2016:3047-1 SUSE-SU-2017:0211-1 SUSE-SU-2017:0441-1 SUSE-SU-2017:0798-1 SUSE-SU-2017:0800-1 SUSE-SU-2018:1936-2 SUSE-SU-2020:1109-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.42.3-lp150.1 is installed OR librsvg-2-2-2.42.3-lp150.1 is installed OR rsvg-thumbnailer-2.42.3-lp150.1 is installed OR typelib-1_0-Rsvg-2_0-2.42.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libsass-3.6.1-lp151.3.3 is installed OR libsass-3_6_1-1-3.6.1-lp151.3.3 is installed OR libsass-devel-3.6.1-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libgcrypt11-1.5.0-0.15 is installed OR libgcrypt11-32bit-1.5.0-0.15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND cabextract-1.2-2.10 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13 is installed OR MozillaFirefox-translations-31.8.0esr-0.13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gnutls-3.2.15-11 is installed OR libgnutls28-3.2.15-11 is installed OR libgnutls28-32bit-3.2.15-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXi-1.7.4-17 is installed OR libXi6-1.7.4-17 is installed OR libXi6-32bit-1.7.4-17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gstreamer-plugins-base-1.8.3-9 is installed OR gstreamer-plugins-base-lang-1.8.3-9 is installed OR libgstallocators-1_0-0-1.8.3-9 is installed OR libgstapp-1_0-0-1.8.3-9 is installed OR libgstapp-1_0-0-32bit-1.8.3-9 is installed OR libgstaudio-1_0-0-1.8.3-9 is installed OR libgstaudio-1_0-0-32bit-1.8.3-9 is installed OR libgstfft-1_0-0-1.8.3-9 is installed OR libgstfft-1_0-0-32bit-1.8.3-9 is installed OR libgstpbutils-1_0-0-1.8.3-9 is installed OR libgstpbutils-1_0-0-32bit-1.8.3-9 is installed OR libgstriff-1_0-0-1.8.3-9 is installed OR libgstrtp-1_0-0-1.8.3-9 is installed OR libgstrtsp-1_0-0-1.8.3-9 is installed OR libgstsdp-1_0-0-1.8.3-9 is installed OR libgsttag-1_0-0-1.8.3-9 is installed OR libgsttag-1_0-0-32bit-1.8.3-9 is installed OR libgstvideo-1_0-0-1.8.3-9 is installed OR libgstvideo-1_0-0-32bit-1.8.3-9 is installed OR typelib-1_0-GstAudio-1_0-1.8.3-9 is installed OR typelib-1_0-GstPbutils-1_0-1.8.3-9 is installed OR typelib-1_0-GstTag-1_0-1.8.3-9 is installed OR typelib-1_0-GstVideo-1_0-1.8.3-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gstreamer-0_10-plugins-bad-0.10.23-25 is installed OR gstreamer-0_10-plugins-bad-lang-0.10.23-25 is installed OR libgstbasecamerabinsrc-0_10-23-0.10.23-25 is installed OR libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25 is installed OR libgstbasevideo-0_10-23-0.10.23-25 is installed OR libgstbasevideo-0_10-23-32bit-0.10.23-25 is installed OR libgstcodecparsers-0_10-23-0.10.23-25 is installed OR libgstphotography-0_10-23-0.10.23-25 is installed OR libgstphotography-0_10-23-32bit-0.10.23-25 is installed OR libgstsignalprocessor-0_10-23-0.10.23-25 is installed OR libgstsignalprocessor-0_10-23-32bit-0.10.23-25 is installed OR libgstvdp-0_10-23-0.10.23-25 is installed OR libgstvdp-0_10-23-32bit-0.10.23-25 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.3 is installed OR php7-7.2.5-4.3 is installed OR php7-bcmath-7.2.5-4.3 is installed OR php7-bz2-7.2.5-4.3 is installed OR php7-calendar-7.2.5-4.3 is installed OR php7-ctype-7.2.5-4.3 is installed OR php7-curl-7.2.5-4.3 is installed OR php7-dba-7.2.5-4.3 is installed OR php7-devel-7.2.5-4.3 is installed OR php7-dom-7.2.5-4.3 is installed OR php7-enchant-7.2.5-4.3 is installed OR php7-exif-7.2.5-4.3 is installed OR php7-fastcgi-7.2.5-4.3 is installed OR php7-fileinfo-7.2.5-4.3 is installed OR php7-fpm-7.2.5-4.3 is installed OR php7-ftp-7.2.5-4.3 is installed OR php7-gd-7.2.5-4.3 is installed OR php7-gettext-7.2.5-4.3 is installed OR php7-gmp-7.2.5-4.3 is installed OR php7-iconv-7.2.5-4.3 is installed OR php7-intl-7.2.5-4.3 is installed OR php7-json-7.2.5-4.3 is installed OR php7-ldap-7.2.5-4.3 is installed OR php7-mbstring-7.2.5-4.3 is installed OR php7-mysql-7.2.5-4.3 is installed OR php7-odbc-7.2.5-4.3 is installed OR php7-opcache-7.2.5-4.3 is installed OR php7-openssl-7.2.5-4.3 is installed OR php7-pcntl-7.2.5-4.3 is installed OR php7-pdo-7.2.5-4.3 is installed OR php7-pear-7.2.5-4.3 is installed OR php7-pear-Archive_Tar-7.2.5-4.3 is installed OR php7-pgsql-7.2.5-4.3 is installed OR php7-phar-7.2.5-4.3 is installed OR php7-posix-7.2.5-4.3 is installed OR php7-shmop-7.2.5-4.3 is installed OR php7-snmp-7.2.5-4.3 is installed OR php7-soap-7.2.5-4.3 is installed OR php7-sockets-7.2.5-4.3 is installed OR php7-sqlite-7.2.5-4.3 is installed OR php7-sysvmsg-7.2.5-4.3 is installed OR php7-sysvsem-7.2.5-4.3 is installed OR php7-sysvshm-7.2.5-4.3 is installed OR php7-tokenizer-7.2.5-4.3 is installed OR php7-wddx-7.2.5-4.3 is installed OR php7-xmlreader-7.2.5-4.3 is installed OR php7-xmlrpc-7.2.5-4.3 is installed OR php7-xmlwriter-7.2.5-4.3 is installed OR php7-xsl-7.2.5-4.3 is installed OR php7-zip-7.2.5-4.3 is installed OR php7-zlib-7.2.5-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ecryptfs-utils-103-5 is installed OR ecryptfs-utils-32bit-103-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-10-2 is installed OR kgraft-patch-3_12_62-60_64_8-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_8-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information rpm-4.11.2-15 is installed OR rpm-32bit-4.11.2-15 is installed OR rpm-build-4.11.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information rsyslog-8.4.0-18.13 is installed OR rsyslog-diag-tools-8.4.0-18.13 is installed OR rsyslog-doc-8.4.0-18.13 is installed OR rsyslog-module-gssapi-8.4.0-18.13 is installed OR rsyslog-module-gtls-8.4.0-18.13 is installed OR rsyslog-module-mysql-8.4.0-18.13 is installed OR rsyslog-module-pgsql-8.4.0-18.13 is installed OR rsyslog-module-relp-8.4.0-18.13 is installed OR rsyslog-module-snmp-8.4.0-18.13 is installed OR rsyslog-module-udpspoof-8.4.0-18.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.109 is installed OR kernel-default-base-4.4.121-92.109 is installed OR kernel-default-devel-4.4.121-92.109 is installed OR kernel-default-man-4.4.121-92.109 is installed OR kernel-devel-4.4.121-92.109 is installed OR kernel-macros-4.4.121-92.109 is installed OR kernel-source-4.4.121-92.109 is installed OR kernel-syms-4.4.121-92.109 is installed OR kgraft-patch-4_4_121-92_109-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_29-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_perl-2.0.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libcares2-1.9.1-9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-3.49 is installed OR libwebkit2gtk-4_0-37-2.28.1-3.49 is installed OR libwebkit2gtk3-lang-2.28.1-3.49 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-3.49 is installed OR webkit2gtk3-2.28.1-3.49 is installed OR webkit2gtk3-devel-2.28.1-3.49 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND python-Django-1.8.19-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.39 is installed OR libopenssl1_0_0-1.0.2j-60.39 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed OR openssl-1.0.2j-60.39 is installed OR openssl-doc-1.0.2j-60.39 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-openjdk-1.8.0.242-27.41 is installed OR java-1_8_0-openjdk-demo-1.8.0.242-27.41 is installed OR java-1_8_0-openjdk-devel-1.8.0.242-27.41 is installed OR java-1_8_0-openjdk-headless-1.8.0.242-27.41 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information dnsmasq-2.78-18.12 is installed OR dnsmasq-utils-2.78-18.12 is installed

BACK