OVAL Reference oval:org.opensuse.security:def:5434

Oval Definition:

oval:org.opensuse.security:def:5434

Revision Date:	2020-12-02	Version:	1
Title:	Security update for squid (Important)
Description:	This update for squid to version 4.11 fixes the following issues: - CVE-2020-11945: Fixed a potential remote code execution vulnerability when using HTTP Digest Authentication (bsc#1170313). - CVE-2019-12519, CVE-2019-12521: Fixed incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659). - CVE-2020-8517: Fixed a possible denial of service caused by incorrect buffer management ext_lm_group_acl when processing NTLM Authentication credentials (bsc#1162691). - CVE-2019-12528: Fixed possible information disclosure when translating FTP server listings into HTTP responses (bsc#1162689). - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi (bsc#1167373).
Family:	unix	Class:	patch
Status:		Reference(s):	1162689 1162691 1167373 1169659 1170313 1171863 1171864 1171866 1172348 CVE-2008-2109 CVE-2009-0696 CVE-2009-0946 CVE-2009-1885 CVE-2009-3627 CVE-2009-4022 CVE-2010-1205 CVE-2010-1205 CVE-2010-2497 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2010-2800 CVE-2010-2801 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2010-3814 CVE-2010-3855 CVE-2011-0226 CVE-2011-0414 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-2501 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3026 CVE-2011-3026 CVE-2011-3045 CVE-2011-3048 CVE-2011-3048 CVE-2011-3256 CVE-2011-3328 CVE-2011-3439 CVE-2011-3464 CVE-2011-4313 CVE-2012-0804 CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CVE-2012-1667 CVE-2012-3386 CVE-2012-3386 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-5166 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2012-5688 CVE-2012-5689 CVE-2013-2266 CVE-2013-4854 CVE-2013-6370 CVE-2013-6371 CVE-2013-7353 CVE-2013-7354 CVE-2014-0591 CVE-2014-2240 CVE-2014-2241 CVE-2014-8500 CVE-2014-9556 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-0252 CVE-2015-1349 CVE-2015-4620 CVE-2015-5477 CVE-2015-5722 CVE-2015-7981 CVE-2015-8000 CVE-2015-8126 CVE-2015-8704 CVE-2016-1285 CVE-2016-1286 CVE-2016-2347 CVE-2016-2776 CVE-2016-3698 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-18860 CVE-2020-10543 CVE-2020-10878 CVE-2020-11945 CVE-2020-12723 CVE-2020-8517 SUSE-SU-2020:1156-1 SUSE-SU-2020:1682-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND openssl-certs-1.97-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information librsvg-2.26.0-2.5.1 is installed OR librsvg-32bit-2.26.0-2.5.1 is installed OR rsvg-view-2.26.0-2.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libfreetype6-2.5.5-7.5 is installed OR libfreetype6-32bit-2.5.5-7.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information qemu-2.0.2-48.22.1 is installed OR qemu-block-curl-2.0.2-48.22.1 is installed OR qemu-block-rbd-2.0.2-48.22.1 is installed OR qemu-guest-agent-2.0.2-48.22.1 is installed OR qemu-ipxe-1.0.0-48.22.1 is installed OR qemu-kvm-2.0.2-48.22.1 is installed OR qemu-lang-2.0.2-48.22.1 is installed OR qemu-seabios-1.7.4-48.22.1 is installed OR qemu-sgabios-8-48.22.1 is installed OR qemu-tools-2.0.2-48.22.1 is installed OR qemu-vgabios-1.7.4-48.22.1 is installed OR qemu-x86-2.0.2-48.22.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND sudo-1.8.10p3-2.16.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information dhcp-4.3.3-10.16 is installed OR dhcp-client-4.3.3-10.16 is installed OR dhcp-relay-4.3.3-10.16 is installed OR dhcp-server-4.3.3-10.16 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-4_4_49-92_11-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_5-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3.2 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-46.7.1 is installed OR salt-api-2016.11.4-46.7.1 is installed OR salt-bash-completion-2016.11.4-46.7.1 is installed OR salt-cloud-2016.11.4-46.7.1 is installed OR salt-doc-2016.11.4-46.7.1 is installed OR salt-master-2016.11.4-46.7.1 is installed OR salt-minion-2016.11.4-46.7.1 is installed OR salt-proxy-2016.11.4-46.7.1 is installed OR salt-ssh-2016.11.4-46.7.1 is installed OR salt-syndic-2016.11.4-46.7.1 is installed OR salt-zsh-completion-2016.11.4-46.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information sles12-docker-image-1.1.2-20160727 is installed OR sles12sp1-docker-image-1.0.5-20160727 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information cups154-1.5.4-2 is installed OR cups154-client-1.5.4-2 is installed OR cups154-filters-1.5.4-2 is installed OR cups154-libs-1.5.4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-requests-2.3.0-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-11.3 is installed OR php5-5.5.14-11.3 is installed OR php5-bcmath-5.5.14-11.3 is installed OR php5-bz2-5.5.14-11.3 is installed OR php5-calendar-5.5.14-11.3 is installed OR php5-ctype-5.5.14-11.3 is installed OR php5-curl-5.5.14-11.3 is installed OR php5-dba-5.5.14-11.3 is installed OR php5-dom-5.5.14-11.3 is installed OR php5-enchant-5.5.14-11.3 is installed OR php5-exif-5.5.14-11.3 is installed OR php5-fastcgi-5.5.14-11.3 is installed OR php5-fileinfo-5.5.14-11.3 is installed OR php5-fpm-5.5.14-11.3 is installed OR php5-ftp-5.5.14-11.3 is installed OR php5-gd-5.5.14-11.3 is installed OR php5-gettext-5.5.14-11.3 is installed OR php5-gmp-5.5.14-11.3 is installed OR php5-iconv-5.5.14-11.3 is installed OR php5-intl-5.5.14-11.3 is installed OR php5-json-5.5.14-11.3 is installed OR php5-ldap-5.5.14-11.3 is installed OR php5-mbstring-5.5.14-11.3 is installed OR php5-mcrypt-5.5.14-11.3 is installed OR php5-mysql-5.5.14-11.3 is installed OR php5-odbc-5.5.14-11.3 is installed OR php5-openssl-5.5.14-11.3 is installed OR php5-pcntl-5.5.14-11.3 is installed OR php5-pdo-5.5.14-11.3 is installed OR php5-pear-5.5.14-11.3 is installed OR php5-pgsql-5.5.14-11.3 is installed OR php5-pspell-5.5.14-11.3 is installed OR php5-shmop-5.5.14-11.3 is installed OR php5-snmp-5.5.14-11.3 is installed OR php5-soap-5.5.14-11.3 is installed OR php5-sockets-5.5.14-11.3 is installed OR php5-sqlite-5.5.14-11.3 is installed OR php5-suhosin-5.5.14-11.3 is installed OR php5-sysvmsg-5.5.14-11.3 is installed OR php5-sysvsem-5.5.14-11.3 is installed OR php5-sysvshm-5.5.14-11.3 is installed OR php5-tokenizer-5.5.14-11.3 is installed OR php5-wddx-5.5.14-11.3 is installed OR php5-xmlreader-5.5.14-11.3 is installed OR php5-xmlrpc-5.5.14-11.3 is installed OR php5-xmlwriter-5.5.14-11.3 is installed OR php5-xsl-5.5.14-11.3 is installed OR php5-zip-5.5.14-11.3 is installed OR php5-zlib-5.5.14-11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND Package Information salt-2016.11.4-46.10.1 is installed OR salt-minion-2016.11.4-46.10.1 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.58-14.1 is installed OR kernel-compute-base-3.12.58-14.1 is installed OR kernel-compute-devel-3.12.58-14.1 is installed OR kernel-compute_debug-3.12.58-14.1 is installed OR kernel-compute_debug-devel-3.12.58-14.1 is installed OR kernel-devel-rt-3.12.58-14.1 is installed OR kernel-rt-3.12.58-14.1 is installed OR kernel-rt-base-3.12.58-14.1 is installed OR kernel-rt-devel-3.12.58-14.1 is installed OR kernel-rt_debug-3.12.58-14.1 is installed OR kernel-rt_debug-devel-3.12.58-14.1 is installed OR kernel-source-rt-3.12.58-14.1 is installed OR kernel-syms-rt-3.12.58-14.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 is installed AND Package Information libpng12-0-1.2.31-5.18.1 is installed OR libpng12-0-32bit-1.2.31-5.18.1 is installed OR libpng12-0-x86-1.2.31-5.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information cups-1.3.9-8.46.52.2 is installed OR cups-client-1.3.9-8.46.52.2 is installed OR cups-libs-1.3.9-8.46.52.2 is installed OR cups-libs-32bit-1.3.9-8.46.52.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information e2fsprogs-1.41.9-2.7.1 is installed OR libcom_err2-1.41.9-2.7.1 is installed OR libcom_err2-32bit-1.41.9-2.7.1 is installed OR libcom_err2-x86-1.41.9-2.7.1 is installed OR libext2fs2-1.41.9-2.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information PackageKit-0.3.14-2.28.46 is installed OR PackageKit-lang-0.3.14-2.28.46 is installed OR hal-0.5.12-23.68.1 is installed OR hal-32bit-0.5.12-23.68.1 is installed OR hal-doc-0.5.12-23.68.1 is installed OR hal-x86-0.5.12-23.68.1 is installed OR libpackagekit-glib10-0.3.14-2.28.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information xorg-x11-libXfixes-7.4-1.16.8 is installed OR xorg-x11-libXfixes-32bit-7.4-1.16.8 is installed OR xorg-x11-libXfixes-x86-7.4-1.16.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information MozillaFirefox-38.4.0esr-51 is installed OR MozillaFirefox-translations-38.4.0esr-51 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libpython3_4m1_0-3.4.5-19.1 is installed OR python3-3.4.5-19.1 is installed OR python3-base-3.4.5-19.1 is installed OR python3-curses-3.4.5-19.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libpoppler-glib8-0.43.0-15 is installed OR libpoppler-qt4-4-0.43.0-15 is installed OR libpoppler60-0.43.0-15 is installed OR poppler-tools-0.43.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND coolkey-1.1.0-148.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information expat-2.1.0-17 is installed OR libexpat1-2.1.0-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information kgraft-patch-3_12_60-52_63-default-3-2 is installed OR kgraft-patch-3_12_60-52_63-xen-3-2 is installed OR kgraft-patch-SLE12_Update_18-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information evince-3.10.3-2.3 is installed OR evince-lang-3.10.3-2.3 is installed OR libevdocument3-4-3.10.3-2.3 is installed OR libevview3-3-3.10.3-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND squid-4.11-5.17 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information boinc-client-6.2.18-4.31.2 is installed OR boinc-client-devel-6.2.18-4.31.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR ImageMagick-devel-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagick++-devel-6.8.8.1-5 is installed OR perl-PerlMagick-6.8.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND libcares-devel-1.9.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR ImageMagick-devel-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagick++-devel-6.8.8.1-71.85 is installed OR perl-PerlMagick-6.8.8.1-71.85 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND argyllcms-1.6.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-30.2 is installed OR libMagick++-6_Q16-3-6.8.8.1-30.2 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-30.2 is installed

BACK