OVAL Reference oval:org.opensuse.security:def:5551

Oval Definition:

oval:org.opensuse.security:def:5551

Revision Date:	2020-12-02	Version:	1
Title:	Security update for libssh2_org (Moderate)
Description:	This update for libssh2_org fixes the following issues: - Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header
Family:	unix	Class:	patch
Status:		Reference(s):	1104036 1130103 1178083 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2009-0946 CVE-2009-2905 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 CVE-2010-4494 CVE-2011-0226 CVE-2011-0904 CVE-2011-0905 CVE-2011-1097 CVE-2011-1145 CVE-2011-1164 CVE-2011-1944 CVE-2011-3177 CVE-2011-3256 CVE-2011-3439 CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CVE-2012-4510 CVE-2012-5134 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-0338 CVE-2013-1969 CVE-2013-3571 CVE-2014-0019 CVE-2014-0107 CVE-2014-0191 CVE-2014-2240 CVE-2014-2241 CVE-2014-2855 CVE-2014-3660 CVE-2014-8242 CVE-2014-9087 CVE-2014-9512 CVE-2014-9622 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 CVE-2015-8710 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2019-17498 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 SUSE-SU-2018:2641-1 SUSE-SU-2020:3551-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 11 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise for SAP 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gpg2-2.0.9-25.33.41.2 is installed OR gpg2-lang-2.0.9-25.33.41.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND socat-1.7.2.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36.1 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND apache2-mod_nss-1.0.14-10.14.3 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND clamav-0.99.2-32.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP2 is installed AND cryptctl-1.2.6-5.3.11 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND fence-agents-4.0.25+git.1485179354.eb43835-2 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND dnsmasq-2.78-18.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.7-22 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.7-22 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.7-22 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.7-22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-PyYAML-3.10-15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-4 is installed OR php5-5.5.14-4 is installed OR php5-bcmath-5.5.14-4 is installed OR php5-bz2-5.5.14-4 is installed OR php5-calendar-5.5.14-4 is installed OR php5-ctype-5.5.14-4 is installed OR php5-curl-5.5.14-4 is installed OR php5-dba-5.5.14-4 is installed OR php5-dom-5.5.14-4 is installed OR php5-enchant-5.5.14-4 is installed OR php5-exif-5.5.14-4 is installed OR php5-fastcgi-5.5.14-4 is installed OR php5-fileinfo-5.5.14-4 is installed OR php5-fpm-5.5.14-4 is installed OR php5-ftp-5.5.14-4 is installed OR php5-gd-5.5.14-4 is installed OR php5-gettext-5.5.14-4 is installed OR php5-gmp-5.5.14-4 is installed OR php5-iconv-5.5.14-4 is installed OR php5-intl-5.5.14-4 is installed OR php5-json-5.5.14-4 is installed OR php5-ldap-5.5.14-4 is installed OR php5-mbstring-5.5.14-4 is installed OR php5-mcrypt-5.5.14-4 is installed OR php5-mysql-5.5.14-4 is installed OR php5-odbc-5.5.14-4 is installed OR php5-openssl-5.5.14-4 is installed OR php5-pcntl-5.5.14-4 is installed OR php5-pdo-5.5.14-4 is installed OR php5-pear-5.5.14-4 is installed OR php5-pgsql-5.5.14-4 is installed OR php5-pspell-5.5.14-4 is installed OR php5-shmop-5.5.14-4 is installed OR php5-snmp-5.5.14-4 is installed OR php5-soap-5.5.14-4 is installed OR php5-sockets-5.5.14-4 is installed OR php5-sqlite-5.5.14-4 is installed OR php5-suhosin-5.5.14-4 is installed OR php5-sysvmsg-5.5.14-4 is installed OR php5-sysvsem-5.5.14-4 is installed OR php5-sysvshm-5.5.14-4 is installed OR php5-tokenizer-5.5.14-4 is installed OR php5-wddx-5.5.14-4 is installed OR php5-xmlreader-5.5.14-4 is installed OR php5-xmlrpc-5.5.14-4 is installed OR php5-xmlwriter-5.5.14-4 is installed OR php5-xsl-5.5.14-4 is installed OR php5-zip-5.5.14-4 is installed OR php5-zlib-5.5.14-4 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.61-60.18.1 is installed OR kernel-compute-base-3.12.61-60.18.1 is installed OR kernel-compute-devel-3.12.61-60.18.1 is installed OR kernel-compute_debug-3.12.61-60.18.1 is installed OR kernel-compute_debug-devel-3.12.61-60.18.1 is installed OR kernel-devel-rt-3.12.61-60.18.1 is installed OR kernel-rt-3.12.61-60.18.1 is installed OR kernel-rt-base-3.12.61-60.18.1 is installed OR kernel-rt-devel-3.12.61-60.18.1 is installed OR kernel-rt_debug-3.12.61-60.18.1 is installed OR kernel-rt_debug-devel-3.12.61-60.18.1 is installed OR kernel-source-rt-3.12.61-60.18.1 is installed OR kernel-syms-rt-3.12.61-60.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information xorg-x11-libX11-7.4-5.11.15.1 is installed OR xorg-x11-libX11-32bit-7.4-5.11.15.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.20.5 is installed OR NetworkManager-glib-0.7.1_git20090811-3.20.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2-LTSS is installed AND Package Information MozillaFirefox-31.5.3esr-0.3.1 is installed OR MozillaFirefox-translations-31.5.3esr-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND acpid-1.0.6-91.25.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information ant-1.7.1-20.11.1 is installed OR ant-trax-1.7.1-16.11.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information apache-commons-daemon-1.0.15-4 is installed OR apache-commons-daemon-javadoc-1.0.15-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information openvpn-2.3.8-16.17.1 is installed OR openvpn-auth-pam-plugin-2.3.8-16.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND tcpdump-4.9.0-13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_42-default-2-2.2 is installed OR kgraft-patch-3_12_55-52_42-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_12-2-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-6-4 is installed OR kgraft-patch-3_12_69-60_64_35-xen-6-4 is installed OR kgraft-patch-SLE12-SP1_Update_14-6-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libssh2-1-1.9.0-4.13 is installed OR libssh2-1-32bit-1.9.0-4.13 is installed OR libssh2-devel-1.9.0-4.13 is installed OR libssh2_org-1.9.0-4.13 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information GraphicsMagick-1.2.5-4.33.1 is installed OR libGraphicsMagick2-1.2.5-4.33.1 is installed OR perl-GraphicsMagick-1.2.5-4.33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libmspack-devel-0.0.20060920alpha-74.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND alsa-devel-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information avahi-compat-howl-devel-0.6.31-20 is installed OR avahi-compat-mDNSResponder-devel-0.6.31-20 is installed OR libavahi-devel-0.6.31-20 is installed OR libhowl0-0.6.31-20 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND python3-devel-3.4.6-24 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information NetworkManager-1.0.12-13.6 is installed OR NetworkManager-devel-1.0.12-13.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND libgadu3-1.11.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR libMagick++-6_Q16-3-6.8.8.1-33 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-33 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND enigmail-2.0.8-3.10 is installed

BACK