OVAL Reference oval:org.opensuse.security:def:53751

Oval Definition:

oval:org.opensuse.security:def:53751

Revision Date:	2020-12-01	Version:	1
Title:	Security update for enigmail (Moderate)
Description:	This update for enigmail to 2.0.7 fixes the following issues: These security issues were fixed: - CVE-2018-12020: Mitigation against GnuPG signature spoofing: Email signatures could be spoofed via an embedded '--filename' parameter in OpenPGP literal data packets. This update prevents this issue from being exploited if GnuPG was not updated (boo#1096745) - CVE-2018-12019: The signature verification routine interpreted User IDs as status/control messages and did not correctly keep track of the status of multiple signatures. This allowed remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids (boo#1097525) - Disallow plaintext (literal packets) outside of encrpyted packets - Replies to a partially encrypted message may have revealed protected information - no longer display PGP/MIME message part followed by unencrypted data (bsc#1094781) - Fix signature Spoofing via Inline-PGP in HTML Mails These non-security issues were fixed: - Fix filter actions forgetting selected mail folder names - Fix compatibility issue with Thunderbird 60b7
Family:	unix	Class:	patch
Status:		Reference(s):	1003577 1003579 1003580 1013882 1018128 1030263 1032114 1032120 1036453 1049692 1050459 1052829 1054285 1089039 1094781 1096745 1097525 1101246 1101470 1104789 1106197 1108020 1137595 1138872 921978 922448 923241 929736 961596 990189 990190 990191 997043 CVE-2012-1174 CVE-2013-3571 CVE-2013-4288 CVE-2013-7447 CVE-2014-0019 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-2059 CVE-2015-2296 CVE-2015-4000 CVE-2015-8948 CVE-2016-10156 CVE-2016-10164 CVE-2016-10220 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-6855 CVE-2016-7795 CVE-2016-9601 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-13720 CVE-2017-13722 CVE-2017-14062 CVE-2017-15908 CVE-2017-18078 CVE-2017-5951 CVE-2017-7207 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-8291 CVE-2017-9217 CVE-2017-9445 CVE-2018-0737 CVE-2018-1049 CVE-2018-10933 CVE-2018-12019 CVE-2018-12020 CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 CVE-2019-11707 CVE-2019-11708 SUSE-SU-2015:0702-1 SUSE-SU-2016:0114-1 SUSE-SU-2016:2079-1 SUSE-SU-2017:0003-1 SUSE-SU-2017:1404-1 SUSE-SU-2017:2589-1 SUSE-SU-2018:0334-1 SUSE-SU-2018:2243-1 SUSE-SU-2018:2928-1 SUSE-SU-2018:3253-1 SUSE-SU-2019:1683-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information colord-1.4.2-lp150.1 is installed OR colord-color-profiles-1.4.2-lp150.1 is installed OR colord-gtk-lang-0.1.26-lp150.1 is installed OR colord-lang-1.4.2-lp150.1 is installed OR libcolord-gtk1-0.1.26-lp150.1 is installed OR libcolord2-1.4.2-lp150.1 is installed OR libcolorhug2-1.4.2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libu2f-host-1.1.6-lp151.2.3 is installed OR libu2f-host-devel-1.1.6-lp151.2.3 is installed OR libu2f-host-doc-1.1.6-lp151.2.3 is installed OR libu2f-host0-1.1.6-lp151.2.3 is installed OR u2f-host-1.1.6-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information curl-7.19.7-1.40 is installed OR libcurl4-7.19.7-1.40 is installed OR libcurl4-32bit-7.19.7-1.40 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information bind-9.9.6P1-0.25 is installed OR bind-libs-9.9.6P1-0.25 is installed OR bind-libs-32bit-9.9.6P1-0.25 is installed OR bind-utils-9.9.6P1-0.25 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libXfont-1.4.7-4 is installed OR libXfont1-1.4.7-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libidn-1.28-4 is installed OR libidn11-1.28-4 is installed OR libidn11-32bit-1.28-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libz1-1.2.8-11 is installed OR libz1-32bit-1.2.8-11 is installed OR zlib-1.2.8-11 is installed OR zlib-devel-1.2.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.3.0esr-109.3 is installed OR MozillaFirefox-translations-52.3.0esr-109.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information eog-3.20.4-7 is installed OR eog-lang-3.20.4-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_20-22.36 is installed OR xen-doc-html-4.5.5_20-22.36 is installed OR xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36 is installed OR xen-libs-4.5.5_20-22.36 is installed OR xen-libs-32bit-4.5.5_20-22.36 is installed OR xen-tools-4.5.5_20-22.36 is installed OR xen-tools-domU-4.5.5_20-22.36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gnutls-3.2.15-11 is installed OR libgnutls-openssl27-3.2.15-11 is installed OR libgnutls28-3.2.15-11 is installed OR libgnutls28-32bit-3.2.15-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libssh2-1-1.4.3-20.6 is installed OR libssh2-1-32bit-1.4.3-20.6 is installed OR libssh2_org-1.4.3-20.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information apache2-2.4.23-29.18 is installed OR apache2-doc-2.4.23-29.18 is installed OR apache2-example-pages-2.4.23-29.18 is installed OR apache2-prefork-2.4.23-29.18 is installed OR apache2-utils-2.4.23-29.18 is installed OR apache2-worker-2.4.23-29.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_156-94_57-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND enigmail-2.0.7-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.7.2-3.43 is installed OR MozillaThunderbird-translations-common-60.7.2-3.43 is installed OR MozillaThunderbird-translations-other-60.7.2-3.43 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information java-1_8_0-openjdk-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-demo-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-devel-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-headless-1.8.0.144-27.5 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20200602-13.68 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libsolv-0.6.36-2.16 is installed OR libsolv-tools-0.6.36-2.16 is installed OR libzypp-16.20.0-2.39 is installed OR perl-solv-0.6.36-2.16 is installed OR python-solv-0.6.36-2.16 is installed OR zypper-1.13.51-21.26 is installed OR zypper-log-1.13.51-21.26 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.5 is installed

BACK