OVAL Reference oval:org.opensuse.security:def:53726

Oval Definition:

oval:org.opensuse.security:def:53726

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libssh2_org (Moderate)
Description:	This update for libssh2_org fixes the following issues: - Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header
Family:	unix	Class:	patch
Status:		Reference(s):	1008539 1020950 1024749 1031875 1031877 1031879 1031886 1032880 1034584 1034827 1035442 1036494 1045460 1047262 1050469 1052825 1062571 1062760 1064947 1065766 1070130 1072887 1073973 1076500 1092100 1106914 1130103 1153163 1153164 1178083 916343 916785 958324 974209 CVE-2007-4129 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-3607 CVE-2009-3608 CVE-2011-4405 CVE-2013-0157 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-4473 CVE-2013-4474 CVE-2014-9114 CVE-2015-0245 CVE-2015-5218 CVE-2015-8045 CVE-2015-8047 CVE-2015-8048 CVE-2015-8049 CVE-2015-8050 CVE-2015-8055 CVE-2015-8056 CVE-2015-8057 CVE-2015-8058 CVE-2015-8059 CVE-2015-8060 CVE-2015-8061 CVE-2015-8062 CVE-2015-8063 CVE-2015-8064 CVE-2015-8065 CVE-2015-8066 CVE-2015-8067 CVE-2015-8068 CVE-2015-8069 CVE-2015-8070 CVE-2015-8071 CVE-2015-8401 CVE-2015-8402 CVE-2015-8403 CVE-2015-8404 CVE-2015-8405 CVE-2015-8406 CVE-2015-8407 CVE-2015-8408 CVE-2015-8409 CVE-2015-8410 CVE-2015-8411 CVE-2015-8412 CVE-2015-8413 CVE-2015-8414 CVE-2015-8415 CVE-2015-8416 CVE-2015-8417 CVE-2015-8418 CVE-2015-8419 CVE-2015-8420 CVE-2015-8421 CVE-2015-8422 CVE-2015-8423 CVE-2015-8424 CVE-2015-8425 CVE-2015-8426 CVE-2015-8427 CVE-2015-8428 CVE-2015-8429 CVE-2015-8430 CVE-2015-8431 CVE-2015-8432 CVE-2015-8433 CVE-2015-8434 CVE-2015-8435 CVE-2015-8436 CVE-2015-8437 CVE-2015-8438 CVE-2015-8439 CVE-2015-8440 CVE-2015-8441 CVE-2015-8442 CVE-2015-8443 CVE-2015-8444 CVE-2015-8445 CVE-2015-8446 CVE-2015-8447 CVE-2015-8448 CVE-2015-8449 CVE-2015-8450 CVE-2015-8451 CVE-2015-8452 CVE-2015-8453 CVE-2015-8454 CVE-2015-8455 CVE-2016-1019 CVE-2016-2779 CVE-2016-5011 CVE-2016-7586 CVE-2016-7589 CVE-2016-7592 CVE-2016-7599 CVE-2016-7623 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7641 CVE-2016-7645 CVE-2016-7652 CVE-2016-7654 CVE-2016-7656 CVE-2017-1000456 CVE-2017-13080 CVE-2017-13081 CVE-2017-14517 CVE-2017-14518 CVE-2017-14520 CVE-2017-14617 CVE-2017-14928 CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 CVE-2017-2496 CVE-2017-2510 CVE-2017-2538 CVE-2017-2539 CVE-2017-2616 CVE-2017-5715 CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064 CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396 CVE-2017-7511 CVE-2017-7515 CVE-2017-8288 CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-5748 CVE-2018-7738 CVE-2019-17177 CVE-2019-17178 CVE-2019-17498 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 SUSE-SU-2015:0457-1 SUSE-SU-2015:2247-1 SUSE-SU-2016:0990-1 SUSE-SU-2017:1093-1 SUSE-SU-2017:2217-1 SUSE-SU-2017:2933-1 SUSE-SU-2018:0279-1 SUSE-SU-2018:2451-2 SUSE-SU-2018:2835-1 SUSE-SU-2019:3078-1 SUSE-SU-2020:3551-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information ImageMagick-7.0.7.29-lp150.1 is installed OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libheimdal-7.7.0-lp151.3.3 is installed OR libheimdal-devel-7.7.0-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13 is installed OR MozillaFirefox-translations-31.8.0esr-0.13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND foomatic-filters-3.0.2-269.39 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information dbus-1-1.8.16-14 is installed OR dbus-1-x11-1.8.16-14 is installed OR libdbus-1-3-1.8.16-14 is installed OR libdbus-1-3-32bit-1.8.16-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information flash-player-11.2.202.554-114 is installed OR flash-player-gnome-11.2.202.554-114 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.18.0-2.9 is installed OR libwebkit2gtk-4_0-37-2.18.0-2.9 is installed OR libwebkit2gtk3-lang-2.18.0-2.9 is installed OR typelib-1_0-JavaScriptCore-4_0-2.18.0-2.9 is installed OR typelib-1_0-WebKit2-4_0-2.18.0-2.9 is installed OR webkit2gtk-4_0-injected-bundles-2.18.0-2.9 is installed OR webkit2gtk3-2.18.0-2.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gnome-shell-3.20.4-77.7 is installed OR gnome-shell-browser-plugin-3.20.4-77.7 is installed OR gnome-shell-calendar-3.20.4-77.7 is installed OR gnome-shell-lang-3.20.4-77.7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND coolkey-1.1.0-148.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_18-22.31 is installed OR xen-doc-html-4.5.5_18-22.31 is installed OR xen-kmp-default-4.5.5_18_k3.12.74_60.64.60-22.31 is installed OR xen-libs-4.5.5_18-22.31 is installed OR xen-libs-32bit-4.5.5_18-22.31 is installed OR xen-tools-4.5.5_18-22.31 is installed OR xen-tools-domU-4.5.5_18-22.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information e2fsprogs-1.42.11-7 is installed OR libcom_err2-1.42.11-7 is installed OR libcom_err2-32bit-1.42.11-7 is installed OR libext2fs2-1.42.11-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.3.0-109.50 is installed OR MozillaFirefox-devel-60.3.0-109.50 is installed OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180703-13.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-default-man-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libssh2-1-1.9.0-4.13 is installed OR libssh2-1-32bit-1.9.0-4.13 is installed OR libssh2-devel-1.9.0-4.13 is installed OR libssh2_org-1.9.0-4.13 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information freerdp-2.0.0~rc4-3.10 is installed OR freerdp-devel-2.0.0~rc4-3.10 is installed OR libfreerdp2-2.0.0~rc4-3.10 is installed OR libwinpr2-2.0.0~rc4-3.10 is installed OR winpr2-devel-2.0.0~rc4-3.10 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information containerd-0.2.5+gitr569_2a5e70c-15 is installed OR docker-1.12.6-87 is installed OR runc-0.1.1+gitr2819_50a19c6-15 is installed
Definition Synopsis
SUSE OpenStack Cloud 6-LTSS is installed AND docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information pam_radius-1.3.16-239.4 is installed OR pam_radius-32bit-1.3.16-239.4 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.20-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.11-3.3 is installed

BACK