Oval Definition:oval:org.opensuse.security:def:54763
Revision Date:2021-02-19Version:1
Title:Security update for krb5-appl (Important)
Description:

This update for krb5-appl fixes the following issues:

- CVE-2019-25017: Check the filenames sent by the server match those requested by the client (bsc#1131109). - CVE-2019-25018: Disallow empty incoming filename or ones that refer to the current directory (bsc#1131109).
Family:unixClass:patch
Status:Reference(s):1036244
1038425
1040202
1046554
1046555
1046856
1048457
1049796
1050083
1050116
1050139
1050632
1051441
1051847
1052450
1052553
1052689
1052744
1052758
1052764
1054757
1054979
1055214
1056432
1057157
1057719
1057729
1057730
1058485
1058637
1059666
1059778
1060176
1060577
1061254
1062645
1062750
1066003
1067181
1067184
1067409
1068032
1068613
1070144
1071228
1073489
1076114
1076179
1076775
1076814
1082276
1083291
1085598
1087200
1099498
1109465
1115245
1117473
1117751
1117776
1118460
1118462
1118463
1123482
1124525
1125623
1125666
1131109
1133810
1140868
1145665
1149323
831359
900914
907651
915410
928193
931972
931973
931974
932040
940191
946204
951734
951735
956018
956021
956260
957105
957106
957107
957109
957110
CVE-2012-0035
CVE-2013-4242
CVE-2014-3421
CVE-2014-3422
CVE-2014-3423
CVE-2014-3424
CVE-2014-8242
CVE-2014-9512
CVE-2015-1819
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-5312
CVE-2015-7236
CVE-2015-7497
CVE-2015-7498
CVE-2015-7499
CVE-2015-7500
CVE-2015-7941
CVE-2015-7942
CVE-2015-8241
CVE-2015-8242
CVE-2015-8317
CVE-2016-10164
CVE-2017-1000083
CVE-2017-11188
CVE-2017-11478
CVE-2017-11523
CVE-2017-11527
CVE-2017-11535
CVE-2017-11640
CVE-2017-11752
CVE-2017-12140
CVE-2017-12435
CVE-2017-12587
CVE-2017-12644
CVE-2017-12662
CVE-2017-12669
CVE-2017-12983
CVE-2017-13134
CVE-2017-13769
CVE-2017-14138
CVE-2017-14172
CVE-2017-14173
CVE-2017-14175
CVE-2017-14341
CVE-2017-14342
CVE-2017-14531
CVE-2017-14607
CVE-2017-14682
CVE-2017-14733
CVE-2017-14989
CVE-2017-15119
CVE-2017-15124
CVE-2017-15191
CVE-2017-15192
CVE-2017-15193
CVE-2017-15217
CVE-2017-15930
CVE-2017-16545
CVE-2017-16546
CVE-2017-16669
CVE-2017-16845
CVE-2017-17381
CVE-2017-18030
CVE-2017-18043
CVE-2017-3142
CVE-2017-3143
CVE-2017-5715
CVE-2017-8422
CVE-2018-19636
CVE-2018-19637
CVE-2018-19638
CVE-2018-19639
CVE-2018-19640
CVE-2018-5683
CVE-2018-7550
CVE-2019-11709
CVE-2019-11710
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11714
CVE-2019-11715
CVE-2019-11716
CVE-2019-11717
CVE-2019-11718
CVE-2019-11719
CVE-2019-11720
CVE-2019-11721
CVE-2019-11723
CVE-2019-11724
CVE-2019-11725
CVE-2019-11727
CVE-2019-11728
CVE-2019-11729
CVE-2019-11730
CVE-2019-11733
CVE-2019-11735
CVE-2019-11736
CVE-2019-11738
CVE-2019-11740
CVE-2019-11742
CVE-2019-11743
CVE-2019-11744
CVE-2019-11746
CVE-2019-11747
CVE-2019-11748
CVE-2019-11749
CVE-2019-11750
CVE-2019-11751
CVE-2019-11752
CVE-2019-11753
CVE-2019-25017
CVE-2019-25018
CVE-2019-9811
CVE-2019-9812
SUSE-SU-2015:1091-1
SUSE-SU-2015:1706-1
SUSE-SU-2016:0030-1
SUSE-SU-2016:0176-1
SUSE-SU-2017:1335-1
SUSE-SU-2017:1736-1
SUSE-SU-2017:2860-1
SUSE-SU-2017:3388-1
SUSE-SU-2017:3428-1
SUSE-SU-2018:0831-1
SUSE-SU-2019:0128-1
SUSE-SU-2019:1122-1
SUSE-SU-2019:2620-1
SUSE-SU-2021:0527-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • freerdp-2.0.0~rc2-lp150.1 is installed
  • OR libfreerdp2-2.0.0~rc2-lp150.1 is installed
  • OR libwinpr2-2.0.0~rc2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exempi-2.4.5-lp151.3.3 is installed
  • OR exempi-tools-2.4.5-lp151.3.3 is installed
  • OR libexempi-devel-2.4.5-lp151.3.3 is installed
  • OR libexempi3-2.4.5-lp151.3.3 is installed
  • OR libexempi3-32bit-2.4.5-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libgcrypt11-1.5.0-0.15 is installed
  • OR libgcrypt11-32bit-1.5.0-0.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • postgresql91-9.1.18-0.3 is installed
  • OR postgresql91-docs-9.1.18-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libxml2-2.7.6-0.34 is installed
  • OR libxml2-32bit-2.7.6-0.34 is installed
  • OR libxml2-python-2.7.6-0.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • bind-9.9.9P1-62 is installed
  • OR bind-libs-9.9.9P1-62 is installed
  • OR bind-libs-32bit-9.9.9P1-62 is installed
  • OR bind-utils-9.9.9P1-62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • emacs-24.3-19 is installed
  • OR emacs-info-24.3-19 is installed
  • OR emacs-x11-24.3-19 is installed
  • OR etags-24.3-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • PackageKit-1.1.3-24.9 is installed
  • OR PackageKit-backend-zypp-1.1.3-24.9 is installed
  • OR PackageKit-gstreamer-plugin-1.1.3-24.9 is installed
  • OR PackageKit-gtk3-module-1.1.3-24.9 is installed
  • OR PackageKit-lang-1.1.3-24.9 is installed
  • OR libpackagekit-glib2-18-1.1.3-24.9 is installed
  • OR typelib-1_0-PackageKitGlib-1_0-1.1.3-24.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libjavascriptcoregtk-3_0-0-2.4.8-16 is installed
  • OR libwebkitgtk-3_0-0-2.4.8-16 is installed
  • OR libwebkitgtk3-lang-2.4.8-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND clamav-0.99.2-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-3 is installed
  • OR cups-pk-helper-lang-0.2.5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.6_05-43.42 is installed
  • OR xen-doc-html-4.7.6_05-43.42 is installed
  • OR xen-libs-4.7.6_05-43.42 is installed
  • OR xen-libs-32bit-4.7.6_05-43.42 is installed
  • OR xen-tools-4.7.6_05-43.42 is installed
  • OR xen-tools-domU-4.7.6_05-43.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.4.0esr-109.55 is installed
  • OR MozillaFirefox-devel-60.4.0esr-109.55 is installed
  • OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed
  • OR libfreebl3-3.40.1-58.18 is installed
  • OR libfreebl3-32bit-3.40.1-58.18 is installed
  • OR libsoftokn3-3.40.1-58.18 is installed
  • OR libsoftokn3-32bit-3.40.1-58.18 is installed
  • OR mozilla-nspr-4.20-19.6 is installed
  • OR mozilla-nspr-32bit-4.20-19.6 is installed
  • OR mozilla-nss-3.40.1-58.18 is installed
  • OR mozilla-nss-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-certs-3.40.1-58.18 is installed
  • OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-sysinit-3.40.1-58.18 is installed
  • OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-tools-3.40.1-58.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • krb5-appl-clients-1.0.3-3.6.1 is installed
  • OR krb5-appl-servers-1.0.3-3.6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • openssh-7.2p2-74.30 is installed
  • OR openssh-askpass-gnome-7.2p2-74.30 is installed
  • OR openssh-fips-7.2p2-74.30 is installed
  • OR openssh-helpers-7.2p2-74.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-ironic-4.2.3~a0~dev14-1 is installed
  • OR openstack-ironic-api-4.2.3~a0~dev14-1 is installed
  • OR openstack-ironic-conductor-4.2.3~a0~dev14-1 is installed
  • OR python-ironic-4.2.3~a0~dev14-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.9 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.9 is installed
  • OR sqlite3-3.8.10.2-9.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed
  • OR rubygem-sprockets-2_12-2.12.5-1.4 is installed
    • BACK