Oval Definition:	oval:org.opensuse.security:def:53811
Revision Date: 2020-12-01 Version: 1 Title: Security update for LibVNCServer (Important) Description: This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-15126: Fixed use-after-free in file transfer extension (bsc#1120114) - CVE-2018-6307: Fixed use-after-free in file transfer extension server code (bsc#1120115) - CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC client code (bsc#1120116) - CVE-2018-15127: Fixed heap out-of-bounds write in rfbserver.c (bsc#1120117) - CVE-2018-20019: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1120118) - CVE-2018-20023: Fixed information disclosure through improper initialization in VNC Repeater client code (bsc#1120119) - CVE-2018-20022: Fixed information disclosure through improper initialization in VNC client code (bsc#1120120) - CVE-2018-20024: Fixed NULL pointer dereference in VNC client code (bsc#1120121) - CVE-2018-20021: Fixed infinite loop in VNC client code (bsc#1120122) Family: unix Class: patch Status: Reference(s): 1013721 1013732 1015332 1017646 1018870 1024724 1027053 1027057 1027712 1032309 1076503 1114837 1118595 1118596 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 1162777 1163368 901242 908994 954980 CVE-2006-4197 CVE-2010-2935 CVE-2010-2936 CVE-2012-1152 CVE-2013-6393 CVE-2014-0247 CVE-2014-2525 CVE-2014-3524 CVE-2014-3575 CVE-2014-3693 CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 CVE-2014-8146 CVE-2014-8147 CVE-2014-8500 CVE-2014-9093 CVE-2014-9130 CVE-2015-4551 CVE-2015-5212 CVE-2015-5213 CVE-2015-5214 CVE-2015-8126 CVE-2016-0794 CVE-2016-0795 CVE-2016-10087 CVE-2016-10165 CVE-2016-10327 CVE-2016-4324 CVE-2016-9586 CVE-2016-9800 CVE-2016-9801 CVE-2017-3157 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2017-7407 CVE-2017-7870 CVE-2017-7882 CVE-2017-8358 CVE-2018-10119 CVE-2018-10120 CVE-2018-1055 CVE-2018-10583 CVE-2018-15126 CVE-2018-15127 CVE-2018-15518 CVE-2018-16435 CVE-2018-16850 CVE-2018-19873 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-5764 CVE-2018-6307 CVE-2018-6871 CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6797 CVE-2020-6798 CVE-2020-6800 SUSE-SU-2016:0027-1 SUSE-SU-2017:0853-1 SUSE-SU-2017:1042-1 SUSE-SU-2017:1712-1 SUSE-SU-2018:0174-1 SUSE-SU-2018:3770-1 SUSE-SU-2018:4179-1 SUSE-SU-2018:4188-1 SUSE-SU-2019:0080-1 SUSE-SU-2020:0385-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND cups-filters-1.20.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.6 is installed OR bzip2-doc-1.0.6-lp151.5.6 is installed OR libbz2-1-1.0.6-lp151.5.6 is installed OR libbz2-1-32bit-1.0.6-lp151.5.6 is installed OR libbz2-devel-1.0.6-lp151.5.6 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.11-0.3 is installed OR MozillaFirefox-translations-10.0.11-0.3 is installed OR libfreebl3-3.14-0.3 is installed OR libfreebl3-32bit-3.14-0.3 is installed OR mozilla-nss-3.14-0.3 is installed OR mozilla-nss-32bit-3.14-0.3 is installed OR mozilla-nss-tools-3.14-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libjasper-1.900.1-134.17 is installed OR libjasper-32bit-1.900.1-134.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.41 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.41 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information java-1_7_0-openjdk-1.7.0.71-6 is installed OR java-1_7_0-openjdk-headless-1.7.0.71-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libpng16-1.6.8-11 is installed OR libpng16-16-1.6.8-11 is installed OR libpng16-16-32bit-1.6.8-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gvim-7.4.326-16 is installed OR vim-7.4.326-16 is installed OR vim-data-7.4.326-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND rsync-3.1.0-13.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information lcms2-2.7-9.7 is installed OR liblcms2-2-2.7-9.7 is installed OR liblcms2-2-32bit-2.7-9.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-9-3 is installed OR kgraft-patch-3_12_62-60_64_8-xen-9-3 is installed OR kgraft-patch-SLE12-SP1_Update_8-9-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libevent-2_0-5-2.0.21-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libldap-2_4-2-2.4.41-18.68 is installed OR libldap-2_4-2-32bit-2.4.41-18.68 is installed OR openldap2-2.4.41-18.68 is installed OR openldap2-back-meta-2.4.41-18.68 is installed OR openldap2-client-2.4.41-18.68 is installed OR openldap2-doc-2.4.41-18.68 is installed OR openldap2-ppolicy-check-password-1.2-18.68 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.23 is installed OR openssh-askpass-gnome-7.2p2-74.23 is installed OR openssh-fips-7.2p2-74.23 is installed OR openssh-helpers-7.2p2-74.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bluez-5.13-5.4 is installed OR libbluetooth3-5.13-5.4 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information LibVNCServer-0.9.10-4.3 is installed OR libvncclient0-0.9.10-4.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.5.0-3.71 is installed OR MozillaThunderbird-translations-common-68.5.0-3.71 is installed OR MozillaThunderbird-translations-other-68.5.0-3.71 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND python-Beaker-1.6.4-0.7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.12.2-11.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information xen-4.9.4_06-3.59 is installed OR xen-doc-html-4.9.4_06-3.59 is installed OR xen-libs-4.9.4_06-3.59 is installed OR xen-libs-32bit-4.9.4_06-3.59 is installed OR xen-tools-4.9.4_06-3.59 is installed OR xen-tools-domU-4.9.4_06-3.59 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
BACK