Oval Definition:oval:org.opensuse.security:def:55299
Revision Date:2021-03-01Version:1
Title:Security update for perl-XML-Twig (Moderate)
Description:

This update for perl-XML-Twig fixes the following issues:

- Security fix [bsc#1008644, CVE-2016-9180] * Added: the no_xxe option to XML::Twig::new, which causes the parse to fail if external entities are used (to prevent malicious XML to access the filesystem). * Setting expand_external_ents to 0 or -1 currently doesn't work as expected; To completely turn off expanding external entities use no_xxe. * Update documentation for XML::Twig to mention problems with expand_external_ents and add information about new no_xxe argument
Family:unixClass:patch
Status:Reference(s):1008644
1017420
1022500
1043290
1047666
1050087
1056434
1058630
1059735
1060382
1066168
1066170
1066713
1072124
1072125
1082283
1082291
1082348
1082362
1082792
1082837
1083628
1083634
1086011
1106989
1106996
1107609
1120381
1122033
1124365
1124366
1124368
1128649
1130330
1131317
1132053
1132054
1132060
1133204
1133205
1133498
1133501
1134075
1135232
1135236
1136183
1136732
1138425
1138464
1144621
295284
847708
912457
920057
934299
936909
948244
949022
953382
954102
958582
958583
958584
958586
991344
992534
999701
CVE-2013-1739
CVE-2013-1992
CVE-2013-7459
CVE-2014-3591
CVE-2015-0837
CVE-2015-1239
CVE-2015-5252
CVE-2015-5296
CVE-2015-5299
CVE-2015-5330
CVE-2015-7236
CVE-2016-5250
CVE-2016-5257
CVE-2016-5261
CVE-2016-5270
CVE-2016-5272
CVE-2016-5274
CVE-2016-5276
CVE-2016-5277
CVE-2016-5278
CVE-2016-5280
CVE-2016-5281
CVE-2016-5284
CVE-2016-5384
CVE-2016-9180
CVE-2017-0358
CVE-2017-11524
CVE-2017-12692
CVE-2017-12693
CVE-2017-12805
CVE-2017-12806
CVE-2017-13768
CVE-2017-14314
CVE-2017-14505
CVE-2017-14739
CVE-2017-15016
CVE-2017-15017
CVE-2017-16352
CVE-2017-16353
CVE-2017-17479
CVE-2017-17480
CVE-2017-18209
CVE-2017-18211
CVE-2017-8779
CVE-2017-9500
CVE-2018-16412
CVE-2018-16413
CVE-2018-16644
CVE-2018-20467
CVE-2018-7443
CVE-2018-7470
CVE-2018-8804
CVE-2019-10131
CVE-2019-10216
CVE-2019-10650
CVE-2019-11007
CVE-2019-11008
CVE-2019-11009
CVE-2019-11470
CVE-2019-11472
CVE-2019-11505
CVE-2019-11506
CVE-2019-11597
CVE-2019-11598
CVE-2019-7175
CVE-2019-7395
CVE-2019-7397
CVE-2019-7398
CVE-2019-9956
SUSE-SU-2015:1626-1
SUSE-SU-2016:0164-1
SUSE-SU-2016:0228-1
SUSE-SU-2016:2190-1
SUSE-SU-2016:2434-1
SUSE-SU-2017:2350-1
SUSE-SU-2018:0857-1
SUSE-SU-2018:1364-1
SUSE-SU-2018:3587-1
SUSE-SU-2019:1033-1
SUSE-SU-2019:1712-1
SUSE-SU-2019:2347-1
SUSE-SU-2020:2173-2
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gnome-shell-3.26.2+20180130.0d9c74212-lp150.2 is installed
  • OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp150.2 is installed
  • OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp150.2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libzstd-devel-1.4.2-lp151.3.3 is installed
  • OR libzstd-devel-static-1.4.2-lp151.3.3 is installed
  • OR libzstd1-1.4.2-lp151.3.3 is installed
  • OR libzstd1-32bit-1.4.2-lp151.3.3 is installed
  • OR zstd-1.4.2-lp151.3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-17.0.10esr-0.7 is installed
  • OR MozillaFirefox-branding-SLED-7-0.12 is installed
  • OR MozillaFirefox-translations-17.0.10esr-0.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libgcrypt-1.5.0-0.19 is installed
  • OR libgcrypt11-1.5.0-0.19 is installed
  • OR libgcrypt11-32bit-1.5.0-0.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libntfs-3g84-2013.1.13-5.3 is installed
  • OR ntfs-3g-2013.1.13-5.3 is installed
  • OR ntfs-3g_ntfsprogs-2013.1.13-5.3 is installed
  • OR ntfsprogs-2013.1.13-5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libtirpc-netconfig-1.0.1-17.6 is installed
  • OR libtirpc3-1.0.1-17.6 is installed
  • OR libtirpc3-32bit-1.0.1-17.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND libdmx1-1.1.3-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-branding-SLE-52-31 is installed
  • OR MozillaFirefox-devel-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • bash-4.3-78 is installed
  • OR bash-doc-4.3-78 is installed
  • OR libreadline6-6.3-78 is installed
  • OR libreadline6-32bit-6.3-78 is installed
  • OR readline-doc-6.3-78 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND perl-XML-Twig-3.44-5.3.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ghostscript-9.26a-23.22 is installed
  • OR ghostscript-x11-9.26a-23.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_92-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • kernel-default-4.4.73-5 is installed
  • OR kernel-default-base-4.4.73-5 is installed
  • OR kernel-default-devel-4.4.73-5 is installed
  • OR kernel-default-man-4.4.73-5 is installed
  • OR kernel-devel-4.4.73-5 is installed
  • OR kernel-macros-4.4.73-5 is installed
  • OR kernel-source-4.4.73-5 is installed
  • OR kernel-syms-4.4.73-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libexif-0.6.21-8.6 is installed
  • OR libexif12-0.6.21-8.6 is installed
  • OR libexif12-32bit-0.6.21-8.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • xen-4.9.2_10-3.41 is installed
  • OR xen-doc-html-4.9.2_10-3.41 is installed
  • OR xen-libs-4.9.2_10-3.41 is installed
  • OR xen-libs-32bit-4.9.2_10-3.41 is installed
  • OR xen-tools-4.9.2_10-3.41 is installed
  • OR xen-tools-domU-4.9.2_10-3.41 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • python-paramiko-1.15.2-2.3 is installed
  • OR python-pycrypto-2.6.1-10.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed
  • OR openssl-1.0.2j-60.46 is installed
  • OR openssl-doc-1.0.2j-60.46 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.23-3.9 is installed
  • BACK