Oval Definition:oval:org.opensuse.security:def:56154
Revision Date:2020-12-01Version:1
Title:Security update for libplist (Moderate)
Description:

This update for libplist fixes the following issues:

Security issues fixed:

- CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. (bsc#1029638) - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. (bsc#1029706) - CVE-2017-6437: The base64encode function in base64.c allows local users to cause denial of service (out-of-bounds read) via a crafted plist file. (bsc#1029707) - CVE-2017-6436: Integer overflow in parse_string_node. (bsc#1029751) - CVE-2017-6435: Crafted plist file could lead to Heap-buffer overflow. (bsc#1029639)

Family:unixClass:patch
Status:Reference(s):1006166
1006984
1006989
1027575
1029638
1029639
1029706
1029707
1029751
1037811
1038564
1042892
1046191
1048367
1050751
1065000
1068310
1069509
1070162
1097560
1097824
1103809
1103810
1104076
1153108
1156334
843174
927451
932339
938248
943214
951844
959724
960961
962779
964206
970708
973213
974270
976864
977043
980328
984799
987862
989972
990200
CVE-2008-1483
CVE-2010-0405
CVE-2012-4024
CVE-2012-4025
CVE-2012-5112
CVE-2012-5133
CVE-2013-5745
CVE-2014-1344
CVE-2014-1384
CVE-2014-1385
CVE-2014-1386
CVE-2014-1387
CVE-2014-1388
CVE-2014-1389
CVE-2014-1390
CVE-2015-2330
CVE-2015-2590
CVE-2015-2596
CVE-2015-2597
CVE-2015-2601
CVE-2015-2613
CVE-2015-2619
CVE-2015-2621
CVE-2015-2625
CVE-2015-2627
CVE-2015-2628
CVE-2015-2632
CVE-2015-2637
CVE-2015-2638
CVE-2015-2664
CVE-2015-2808
CVE-2015-3294
CVE-2015-3294
CVE-2015-4000
CVE-2015-4729
CVE-2015-4731
CVE-2015-4732
CVE-2015-4733
CVE-2015-4736
CVE-2015-4748
CVE-2015-4749
CVE-2015-4760
CVE-2015-7744
CVE-2015-8872
CVE-2016-0502
CVE-2016-0505
CVE-2016-0546
CVE-2016-0596
CVE-2016-0597
CVE-2016-0598
CVE-2016-0600
CVE-2016-0606
CVE-2016-0608
CVE-2016-0609
CVE-2016-0616
CVE-2016-10165
CVE-2016-4804
CVE-2016-5759
CVE-2016-9841
CVE-2017-10281
CVE-2017-10285
CVE-2017-10293
CVE-2017-10295
CVE-2017-10309
CVE-2017-10345
CVE-2017-10346
CVE-2017-10347
CVE-2017-10348
CVE-2017-10349
CVE-2017-10350
CVE-2017-10355
CVE-2017-10356
CVE-2017-10357
CVE-2017-10388
CVE-2017-15906
CVE-2017-2636
CVE-2017-6435
CVE-2017-6436
CVE-2017-6437
CVE-2017-6438
CVE-2017-6439
CVE-2017-7533
CVE-2017-7645
CVE-2017-8890
CVE-2017-9242
CVE-2018-12470
CVE-2018-12471
CVE-2018-12472
CVE-2019-10220
CVE-2019-15917
SUSE-SU-2015:1320-1
SUSE-SU-2016:0348-1
SUSE-SU-2016:2553-1
SUSE-SU-2017:2060-1
SUSE-SU-2017:2201-1
SUSE-SU-2017:3230-1
SUSE-SU-2017:3411-1
SUSE-SU-2018:2898-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • curl-7.59.0-lp150.1 is installed
  • OR libcurl4-7.59.0-lp150.1 is installed
  • OR libcurl4-32bit-7.59.0-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • GraphicsMagick-1.3.29-lp151.4.3 is installed
  • OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed
  • OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • vino-2.28.1-2.5 is installed
  • OR vino-lang-2.28.1-2.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.85-0.11 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.85-0.11 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.85-0.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libplist-1.12-20.3 is installed
  • OR libplist++3-1.12-20.3 is installed
  • OR libplist3-1.12-20.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND dnsmasq-2.71-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_62-60_62-default-10-2 is installed
  • OR kgraft-patch-3_12_62-60_62-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_7-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • bzip2-1.0.6-29 is installed
  • OR bzip2-doc-1.0.6-29 is installed
  • OR libbz2-1-1.0.6-29 is installed
  • OR libbz2-1-32bit-1.0.6-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libasan2-5.3.1+r233831-12 is installed
  • OR libasan2-32bit-5.3.1+r233831-12 is installed
  • OR libffi4-5.3.1+r233831-12 is installed
  • OR libffi4-32bit-5.3.1+r233831-12 is installed
  • OR libmpx0-5.3.1+r233831-12 is installed
  • OR libmpx0-32bit-5.3.1+r233831-12 is installed
  • OR libmpxwrappers0-5.3.1+r233831-12 is installed
  • OR libmpxwrappers0-32bit-5.3.1+r233831-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libmspack0-0.4-14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • glibc-2.22-62.13 is installed
  • OR glibc-32bit-2.22-62.13 is installed
  • OR glibc-devel-2.22-62.13 is installed
  • OR glibc-devel-32bit-2.22-62.13 is installed
  • OR glibc-html-2.22-62.13 is installed
  • OR glibc-i18ndata-2.22-62.13 is installed
  • OR glibc-info-2.22-62.13 is installed
  • OR glibc-locale-2.22-62.13 is installed
  • OR glibc-locale-32bit-2.22-62.13 is installed
  • OR glibc-profile-2.22-62.13 is installed
  • OR glibc-profile-32bit-2.22-62.13 is installed
  • OR nscd-2.22-62.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ipmitool-1.8.18-5.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-loofah-2.0.2-3.8 is installed
  • OR rubygem-loofah-2.0.2-3.8 is installed
    • BACK