Oval Definition:	oval:org.opensuse.security:def:55517
Revision Date: 2020-12-01 Version: 1 Title: Security update for perl-YAML-LibYAML (Moderate) Description: perl-YAML-LibYAML was updated to fix three security issues. These security issues were fixed: - CVE-2013-6393: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performed an incorrect cast, which allowed remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggered a heap-based buffer overflow (bnc#860617, bnc#911782). - CVE-2014-9130: scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allowed context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping (bnc#907809, bnc#911782). - CVE-2014-2525: Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allowed context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file (bnc#868944, bnc#911782). Family: unix Class: patch Status: Reference(s): 1009280 1010783 1026236 1027519 1042419 1044947 1052311 1052368 1056334 1056386 1058565 1058622 1058624 1061041 1069468 1084604 1085790 1113231 1114957 1116717 1117275 1117505 1117507 1117508 1117511 1119161 1119493 1120067 1121600 1123156 1123157 1126140 1126141 1126192 1126195 1126196 1126197 1126198 1126201 1126325 1127400 1127620 1129623 1132045 1133375 834601 860617 868944 907809 911782 924525 936916 944001 944066 CVE-2009-0945 CVE-2011-3193 CVE-2011-3922 CVE-2012-4929 CVE-2012-6093 CVE-2013-0254 CVE-2013-4238 CVE-2013-4549 CVE-2013-6393 CVE-2014-0190 CVE-2014-2497 CVE-2014-2525 CVE-2014-9130 CVE-2014-9709 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-5722 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5597 CVE-2016-9396 CVE-2017-1000112 CVE-2017-10989 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-13672 CVE-2017-13673 CVE-2017-14867 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2018-16872 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489 CVE-2018-19539 CVE-2018-19540 CVE-2018-19541 CVE-2018-19542 CVE-2018-7858 CVE-2018-8740 CVE-2019-6778 CVE-2019-9824 CVE-2019-9928 SUSE-SU-2015:0953-2 SUSE-SU-2015:1480-1 SUSE-SU-2015:1612-1 SUSE-SU-2016:3078-1 SUSE-SU-2017:1635-1 SUSE-SU-2017:2424-1 SUSE-SU-2017:2726-1 SUSE-SU-2017:2747-1 SUSE-SU-2019:0582-1 SUSE-SU-2019:0891-1 SUSE-SU-2019:1208-1 SUSE-SU-2019:1602-1 SUSE-SU-2019:2513-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dracut-044.1-lp150.13 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libpng16-1.6.34-lp151.3.3 is installed OR libpng16-16-1.6.34-lp151.3.3 is installed OR libpng16-16-32bit-1.6.34-lp151.3.3 is installed OR libpng16-compat-devel-1.6.34-lp151.3.3 is installed OR libpng16-compat-devel-32bit-1.6.34-lp151.3.3 is installed OR libpng16-devel-1.6.34-lp151.3.3 is installed OR libpng16-devel-32bit-1.6.34-lp151.3.3 is installed OR libpng16-tools-1.6.34-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libpython2_6-1_0-2.6.8-0.23 is installed OR libpython2_6-1_0-32bit-2.6.8-0.23 is installed OR python-2.6.8-0.23 is installed OR python-base-2.6.8-0.23 is installed OR python-base-32bit-2.6.8-0.23 is installed OR python-curses-2.6.8-0.23 is installed OR python-devel-2.6.8-0.23 is installed OR python-tk-2.6.8-0.23 is installed OR python-xml-2.6.8-0.23 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information bind-9.9.6P1-0.15 is installed OR bind-libs-9.9.6P1-0.15 is installed OR bind-libs-32bit-9.9.6P1-0.15 is installed OR bind-utils-9.9.6P1-0.15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND perl-YAML-LibYAML-0.38-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information qemu-2.9.1-6.28 is installed OR qemu-block-curl-2.9.1-6.28 is installed OR qemu-ipxe-1.0.0+-6.28 is installed OR qemu-kvm-2.9.1-6.28 is installed OR qemu-seabios-1.10.2-6.28 is installed OR qemu-sgabios-8-6.28 is installed OR qemu-tools-2.9.1-6.28 is installed OR qemu-vgabios-1.10.2-6.28 is installed OR qemu-x86-2.9.1-6.28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libsqlite3-0-3.8.10.2-9.6 is installed OR libsqlite3-0-32bit-3.8.10.2-9.6 is installed OR sqlite3-3.8.10.2-9.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND gd-2.1.0-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-9-2 is installed OR kgraft-patch-3_12_67-60_64_21-xen-9-2 is installed OR kgraft-patch-SLE12-SP1_Update_10-9-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information krb5-1.12.5-39 is installed OR krb5-32bit-1.12.5-39 is installed OR krb5-client-1.12.5-39 is installed OR krb5-doc-1.12.5-39 is installed OR krb5-plugin-kdb-ldap-1.12.5-39 is installed OR krb5-plugin-preauth-otp-1.12.5-39 is installed OR krb5-plugin-preauth-pkinit-1.12.5-39 is installed OR krb5-server-1.12.5-39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information git-2.26.2-27.36 is installed OR git-core-2.26.2-27.36 is installed OR git-doc-2.26.2-27.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information hplip-3.16.11-1 is installed OR hplip-hpijs-3.16.11-1 is installed OR hplip-sane-3.16.11-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libcares2-1.9.1-9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cpio-2.11-36.3 is installed OR cpio-lang-2.11-36.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openvpn-2.3.8-16.17 is installed OR openvpn-auth-pam-plugin-2.3.8-16.17 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed
BACK