Oval Definition:	oval:org.opensuse.security:def:55807
Revision Date: 2020-12-01 Version: 1 Title: Security update for openssl (Important) Description: This update for openssl fixes the following issues: OpenSSL Security Advisory [22 Sep 2016] (bsc#999665) * Severity: High * OCSP Status Request extension unbounded memory growth (CVE-2016-6304) (bsc#999666) * Severity: Low * Pointer arithmetic undefined behaviour (CVE-2016-2177) (bsc#982575) * Constant time flag not preserved in DSA signing (CVE-2016-2178) (bsc#983249) * DTLS buffered message DoS (CVE-2016-2179) (bsc#994844) * OOB read in TS_OBJ_print_bio() (CVE-2016-2180) (bsc#990419) * DTLS replay protection DoS (CVE-2016-2181) (bsc#994749) * OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819) * Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183) (bsc#995359) * Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324) * OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377) * Certificate message OOB reads (CVE-2016-6306) (bsc#999668) More information can be found on: https://www.openssl.org/news/secadv/20160922.txt Also following bugs were fixed: * update expired S/MIME certs (bsc#979475) * improve s390x performance (bsc#982745) * allow >= 64GB AESGCM transfers (bsc#988591) * fix crash in print_notice (bsc#998190) * resume reading from /dev/urandom when interrupted by a signal (bsc#995075) Family: unix Class: patch Status: Reference(s): 1001203 1009085 1012422 1014437 1014441 1014442 1037559 1045205 1049483 1050231 1066569 1066693 1067678 1068032 1068671 1070771 1070781 1071074 1071470 1071693 1071694 1071695 1072561 1072876 1101470 1104789 1106197 1110018 1113534 1113652 1131493 779952 802648 802746 853846 928193 941939 943457 951734 951735 952099 954512 955131 956018 956021 956260 957105 957106 957107 957109 957110 957812 972468 975299 979475 982575 982745 983249 986675 988591 990419 991564 993819 994500 994749 994844 995075 995324 995359 995377 997833 998190 999665 999666 999668 CVE-2008-1420 CVE-2009-3379 CVE-2012-0444 CVE-2013-0166 CVE-2013-0169 CVE-2013-6424 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1819 CVE-2015-3195 CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7659 CVE-2015-7660 CVE-2015-7661 CVE-2015-7662 CVE-2015-7663 CVE-2015-7941 CVE-2015-7942 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 CVE-2016-0636 CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-8610 CVE-2017-11600 CVE-2017-13167 CVE-2017-15115 CVE-2017-15868 CVE-2017-16534 CVE-2017-16538 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-7500 CVE-2017-7501 CVE-2017-7533 CVE-2017-8779 CVE-2017-8824 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407 CVE-2019-5953 SUSE-SU-2015:1960-1 SUSE-SU-2015:2168-2 SUSE-SU-2015:2251-1 SUSE-SU-2016:0030-1 SUSE-SU-2016:0959-1 SUSE-SU-2016:2394-1 SUSE-SU-2016:3272-1 SUSE-SU-2017:1306-1 SUSE-SU-2017:2042-1 SUSE-SU-2018:0031-1 SUSE-SU-2018:3864-1 SUSE-SU-2018:3884-1 SUSE-SU-2019:0956-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information NetworkManager-applet-1.8.10-lp150.3 is installed OR NetworkManager-applet-lang-1.8.10-lp150.3 is installed OR NetworkManager-connection-editor-1.8.10-lp150.3 is installed OR libnm-gtk0-1.8.10-lp150.3 is installed OR libnma0-1.8.10-lp150.3 is installed OR nma-data-1.8.10-lp150.3 is installed OR typelib-1_0-NMGtk-1_0-1.8.10-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libu2f-host-1.1.6-lp151.2.6 is installed OR libu2f-host-devel-1.1.6-lp151.2.6 is installed OR libu2f-host-doc-1.1.6-lp151.2.6 is installed OR libu2f-host0-1.1.6-lp151.2.6 is installed OR pam_u2f-1.0.8-lp151.2.3 is installed OR u2f-host-1.1.6-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libopenssl0_9_8-0.9.8j-0.50 is installed OR libopenssl0_9_8-32bit-0.9.8j-0.50 is installed OR openssl-0.9.8j-0.50 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.548-0.26 is installed OR flash-player-gnome-11.2.202.548-0.26 is installed OR flash-player-kde4-11.2.202.548-0.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libopenssl1_0_0-1.0.1i-52 is installed OR libopenssl1_0_0-32bit-1.0.1i-52 is installed OR openssl-1.0.1i-52 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND wget-1.14-21.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libvorbis-doc-1.3.3-8 is installed OR libvorbis0-1.3.3-8 is installed OR libvorbis0-32bit-1.3.3-8 is installed OR libvorbisenc2-1.3.3-8 is installed OR libvorbisenc2-32bit-1.3.3-8 is installed OR libvorbisfile3-1.3.3-8 is installed OR libvorbisfile3-32bit-1.3.3-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.69 is installed OR kernel-default-base-3.12.74-60.64.69 is installed OR kernel-default-devel-3.12.74-60.64.69 is installed OR kernel-default-man-3.12.74-60.64.69 is installed OR kernel-devel-3.12.74-60.64.69 is installed OR kernel-macros-3.12.74-60.64.69 is installed OR kernel-source-3.12.74-60.64.69 is installed OR kernel-syms-3.12.74-60.64.69 is installed OR kernel-xen-3.12.74-60.64.69 is installed OR kernel-xen-base-3.12.74-60.64.69 is installed OR kernel-xen-devel-3.12.74-60.64.69 is installed OR kgraft-patch-3_12_74-60_64_69-default-1-2.3 is installed OR kgraft-patch-3_12_74-60_64_69-xen-1-2.3 is installed OR kgraft-patch-SLE12-SP1_Update_24-1-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache2-2.4.23-14 is installed OR apache2-doc-2.4.23-14 is installed OR apache2-example-pages-2.4.23-14 is installed OR apache2-prefork-2.4.23-14 is installed OR apache2-utils-2.4.23-14 is installed OR apache2-worker-2.4.23-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libpython2_7-1_0-2.7.13-28.26 is installed OR libpython2_7-1_0-32bit-2.7.13-28.26 is installed OR python-2.7.13-28.26 is installed OR python-32bit-2.7.13-28.26 is installed OR python-base-2.7.13-28.26 is installed OR python-base-32bit-2.7.13-28.26 is installed OR python-curses-2.7.13-28.26 is installed OR python-demo-2.7.13-28.26 is installed OR python-doc-2.7.13-28.26 is installed OR python-doc-pdf-2.7.13-28.26 is installed OR python-gdbm-2.7.13-28.26 is installed OR python-idle-2.7.13-28.26 is installed OR python-tk-2.7.13-28.26 is installed OR python-xml-2.7.13-28.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_104-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_28-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND dnsmasq-2.76-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtirpc-1.0.1-17.6 is installed OR libtirpc-netconfig-1.0.1-17.6 is installed OR libtirpc3-1.0.1-17.6 is installed OR libtirpc3-32bit-1.0.1-17.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND git-core-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information kernel-default-3.12.74-60.64.51 is installed OR kernel-default-base-3.12.74-60.64.51 is installed OR kernel-default-devel-3.12.74-60.64.51 is installed OR kernel-devel-3.12.74-60.64.51 is installed OR kernel-macros-3.12.74-60.64.51 is installed OR kernel-source-3.12.74-60.64.51 is installed OR kernel-syms-3.12.74-60.64.51 is installed OR kernel-xen-3.12.74-60.64.51 is installed OR kernel-xen-base-3.12.74-60.64.51 is installed OR kernel-xen-devel-3.12.74-60.64.51 is installed OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information openstack-manila-7.3.1~dev15-4.18 is installed OR openstack-manila-api-7.3.1~dev15-4.18 is installed OR openstack-manila-data-7.3.1~dev15-4.18 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed OR openstack-manila-share-7.3.1~dev15-4.18 is installed OR python-manila-7.3.1~dev15-4.18 is installed
BACK