Oval Definition:	oval:org.opensuse.security:def:56212
Revision Date: 2020-12-01 Version: 1 Title: Security update for xorg-x11-server (Moderate) Description: This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users beeing freed (bnc#1052984) - CVE-2017-13723: A local denial of service via unusual characters in XkbAtomText and XkbStringText was fixed (bnc#1051150) - CVE-2017-12184,CVE-2017-12185,CVE-2017-12186,CVE-2017-12187: Fixed unvalidated lengths in multiple extensions (bsc#1063034) - CVE-2017-12183: Fixed some unvalidated lengths in the XFIXES extension. (bsc#1063035) - CVE-2017-12180,CVE-2017-12181,CVE-2017-12182: Fixed various unvalidated lengths in the XFree86-VidMode/XFree86-DGA/XFree86-DRI extensions (bsc#1063037) - CVE-2017-12179: Fixed an integer overflow and unvalidated length in (S)ProcXIBarrierReleasePointer in Xi (bsc#1063038) - CVE-2017-12178: Fixed a wrong extra length check in ProcXIChangeHierarchy in Xi (bsc#1063039) - CVE-2017-12177: Fixed an unvalidated variable-length request in ProcDbeGetVisualInfo (bsc#1063040) - CVE-2017-12176: Fixed an unvalidated extra length in ProcEstablishConnection (bsc#1063041) These non-security issues were fixed: - Make colormap/gamma glue code work with the RandR extension disabled. This prevents it from crashing and showing wrong colors. (bsc#1061107) - Recognize ssh as a remote client to fix launching applications remotely when using DRI3. (bsc#1022727) Family: unix Class: patch Status: Reference(s): 1005091 1012677 1014172 1015348 1021578 1022555 1022727 1026636 1027519 1027570 1028235 1028655 1029827 1030050 1030144 1030442 1034843 1034844 1034845 1034994 1035483 1045327 1051150 1052984 1057950 1061107 1063034 1063035 1063037 1063038 1063039 1063040 1063041 1111634 1111635 1166844 933588 937752 995964 CVE-2009-1720 CVE-2009-1721 CVE-2011-4349 CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 CVE-2013-2124 CVE-2013-4419 CVE-2014-1545 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2015-3982 CVE-2015-5122 CVE-2015-5123 CVE-2015-5145 CVE-2015-5522 CVE-2015-5523 CVE-2015-5963 CVE-2015-7183 CVE-2015-8213 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5118 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-6520 CVE-2016-7098 CVE-2016-9042 CVE-2016-9603 CVE-2017-1000251 CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12179 CVE-2017-12180 CVE-2017-12181 CVE-2017-12182 CVE-2017-12183 CVE-2017-12184 CVE-2017-12185 CVE-2017-12186 CVE-2017-12187 CVE-2017-13721 CVE-2017-13723 CVE-2017-15274 CVE-2017-2633 CVE-2017-6414 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-6505 CVE-2017-7718 CVE-2017-7980 CVE-2018-1000807 CVE-2018-1000808 CVE-2020-10531 SUSE-SU-2015:1258-1 SUSE-SU-2015:1525-1 SUSE-SU-2016:3268-1 SUSE-SU-2017:1048-1 SUSE-SU-2017:1147-1 SUSE-SU-2017:2793-1 SUSE-SU-2017:3047-1 SUSE-SU-2018:4063-1 SUSE-SU-2020:1180-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND bubblewrap-0.2.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libsass-3.6.1-lp151.3.3 is installed OR libsass-3_6_1-1-3.6.1-lp151.3.3 is installed OR libsass-devel-3.6.1-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.491-0.11 is installed OR flash-player-gnome-11.2.202.491-0.11 is installed OR flash-player-kde4-11.2.202.491-0.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xorg-x11-server-7.6_1.18.3-76.15 is installed OR xorg-x11-server-extra-7.6_1.18.3-76.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information colord-gtk-lang-0.1.25-3 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-5 is installed OR libcolord2-32bit-1.1.7-5 is installed OR libcolorhug2-1.1.7-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_48-default-4-4 is installed OR kgraft-patch-3_12_74-60_64_48-xen-4-4 is installed OR kgraft-patch-SLE12-SP1_Update_17-4-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information guestfs-data-1.32.4-14 is installed OR guestfs-tools-1.32.4-14 is installed OR guestfsd-1.32.4-14 is installed OR libguestfs0-1.32.4-14 is installed OR perl-Sys-Guestfs-1.32.4-14 is installed OR python-libguestfs-1.32.4-14 is installed OR virt-p2v-1.32.4-14 is installed OR virt-v2v-1.32.4-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information python-cryptography-1.3.1-7.13 is installed OR python-pyOpenSSL-16.0.0-4.11 is installed OR python-setuptools-18.0.1-4.8 is installed OR python3-cryptography-1.3.1-7.13 is installed OR python3-pyOpenSSL-16.0.0-4.11 is installed OR python3-setuptools-18.0.1-4.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libsnmp30-5.7.3-6.3 is installed OR libsnmp30-32bit-5.7.3-6.3 is installed OR net-snmp-5.7.3-6.3 is installed OR perl-SNMP-5.7.3-6.3 is installed OR snmp-mibs-5.7.3-6.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libpcre1-8.39-7 is installed OR libpcre1-32bit-8.39-7 is installed OR libpcre16-0-8.39-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information curl-7.37.0-37.31 is installed OR libcurl4-7.37.0-37.31 is installed OR libcurl4-32bit-7.37.0-37.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libvdpau1-1.1.1-6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND python-Django-1.8.9-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-XStatic-jquery-ui-1.11.0.1-2.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information ghostscript-9.52-23.34 is installed OR ghostscript-x11-9.52-23.34 is installed OR libspectre-0.2.7-12.10 is installed OR libspectre1-0.2.7-12.10 is installed
BACK