Oval Definition:	oval:org.opensuse.security:def:56218
Revision Date: 2020-12-01 Version: 1 Title: Security update for libxml2 (Moderate) Description: This update for libxml2 fixes the following issues: CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544] * Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] * CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497). For CVE-2016-9318 we decided not to ship a fix since it can break existing setups. Please take appropriate actions if you parse untrusted XML files and use the new -noxxe flag if possible (bnc#1010675, bnc#1013930). Family: unix Class: patch Status: Reference(s): 1005544 1007280 1010161 1010163 1010675 1011103 1011107 1013930 1014873 1017497 1018128 1030263 1032114 1032120 1036453 1037559 1059777 1061076 1061077 1061080 1061081 1061082 1061084 1061086 1061087 1118319 1118320 1171252 1171254 914890 930077 930078 958324 974449 974840 984813 984815 987351 CVE-2009-0163 CVE-2009-2820 CVE-2009-3553 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2941 CVE-2012-2417 CVE-2012-2669 CVE-2012-5519 CVE-2012-5532 CVE-2012-6094 CVE-2013-1445 CVE-2013-1982 CVE-2013-2003 CVE-2013-2063 CVE-2014-2653 CVE-2014-2856 CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-8127 CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 CVE-2015-4141 CVE-2015-4142 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-8045 CVE-2015-8047 CVE-2015-8048 CVE-2015-8049 CVE-2015-8050 CVE-2015-8055 CVE-2015-8056 CVE-2015-8057 CVE-2015-8058 CVE-2015-8059 CVE-2015-8060 CVE-2015-8061 CVE-2015-8062 CVE-2015-8063 CVE-2015-8064 CVE-2015-8065 CVE-2015-8066 CVE-2015-8067 CVE-2015-8068 CVE-2015-8069 CVE-2015-8070 CVE-2015-8071 CVE-2015-8401 CVE-2015-8402 CVE-2015-8403 CVE-2015-8404 CVE-2015-8405 CVE-2015-8406 CVE-2015-8407 CVE-2015-8408 CVE-2015-8409 CVE-2015-8410 CVE-2015-8411 CVE-2015-8412 CVE-2015-8413 CVE-2015-8414 CVE-2015-8415 CVE-2015-8416 CVE-2015-8417 CVE-2015-8418 CVE-2015-8419 CVE-2015-8420 CVE-2015-8421 CVE-2015-8422 CVE-2015-8423 CVE-2015-8424 CVE-2015-8425 CVE-2015-8426 CVE-2015-8427 CVE-2015-8428 CVE-2015-8429 CVE-2015-8430 CVE-2015-8431 CVE-2015-8432 CVE-2015-8433 CVE-2015-8434 CVE-2015-8435 CVE-2015-8436 CVE-2015-8437 CVE-2015-8438 CVE-2015-8439 CVE-2015-8440 CVE-2015-8441 CVE-2015-8442 CVE-2015-8443 CVE-2015-8444 CVE-2015-8445 CVE-2015-8446 CVE-2015-8447 CVE-2015-8448 CVE-2015-8449 CVE-2015-8450 CVE-2015-8451 CVE-2015-8452 CVE-2015-8453 CVE-2015-8454 CVE-2015-8455 CVE-2016-10220 CVE-2016-3622 CVE-2016-3658 CVE-2016-4658 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5875 CVE-2016-9273 CVE-2016-9297 CVE-2016-9318 CVE-2016-9448 CVE-2016-9453 CVE-2016-9597 CVE-2016-9601 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-5526 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 CVE-2017-8779 CVE-2018-9568 CVE-2020-12653 CVE-2020-12654 SUSE-SU-2015:2221-1 SUSE-SU-2015:2236-1 SUSE-SU-2016:3301-1 SUSE-SU-2017:0380-1 SUSE-SU-2017:1138-1 SUSE-SU-2017:1306-1 SUSE-SU-2017:2873-1 SUSE-SU-2020:1475-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information coreutils-8.29-lp150.2 is installed OR coreutils-lang-8.29-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information tomcat-9.0.21-lp151.3.3 is installed OR tomcat-admin-webapps-9.0.21-lp151.3.3 is installed OR tomcat-docs-webapp-9.0.21-lp151.3.3 is installed OR tomcat-el-3_0-api-9.0.21-lp151.3.3 is installed OR tomcat-embed-9.0.21-lp151.3.3 is installed OR tomcat-javadoc-9.0.21-lp151.3.3 is installed OR tomcat-jsp-2_3-api-9.0.21-lp151.3.3 is installed OR tomcat-jsvc-9.0.21-lp151.3.3 is installed OR tomcat-lib-9.0.21-lp151.3.3 is installed OR tomcat-servlet-4_0-api-9.0.21-lp151.3.3 is installed OR tomcat-webapps-9.0.21-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.554-0.29 is installed OR flash-player-gnome-11.2.202.554-0.29 is installed OR flash-player-kde4-11.2.202.554-0.29 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libxml2-2.9.4-33 is installed OR libxml2-2-2.9.4-33 is installed OR libxml2-2-32bit-2.9.4-33 is installed OR libxml2-tools-2.9.4-33 is installed OR python-libxml2-2.9.4-33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cups-1.7.5-9 is installed OR cups-client-1.7.5-9 is installed OR cups-libs-1.7.5-9 is installed OR cups-libs-32bit-1.7.5-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_18-22.31 is installed OR xen-doc-html-4.5.5_18-22.31 is installed OR xen-kmp-default-4.5.5_18_k3.12.74_60.64.60-22.31 is installed OR xen-libs-4.5.5_18-22.31 is installed OR xen-libs-32bit-4.5.5_18-22.31 is installed OR xen-tools-4.5.5_18-22.31 is installed OR xen-tools-domU-4.5.5_18-22.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND hyper-v-7-13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information qemu-2.6.2-41.46 is installed OR qemu-block-curl-2.6.2-41.46 is installed OR qemu-block-rbd-2.6.2-41.46 is installed OR qemu-block-ssh-2.6.2-41.46 is installed OR qemu-guest-agent-2.6.2-41.46 is installed OR qemu-ipxe-1.0.0-41.46 is installed OR qemu-kvm-2.6.2-41.46 is installed OR qemu-lang-2.6.2-41.46 is installed OR qemu-seabios-1.9.1-41.46 is installed OR qemu-sgabios-8-41.46 is installed OR qemu-tools-2.6.2-41.46 is installed OR qemu-vgabios-1.9.1-41.46 is installed OR qemu-x86-2.6.2-41.46 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-60.3.0-109.50 is installed OR MozillaFirefox-devel-60.3.0-109.50 is installed OR MozillaFirefox-translations-common-60.3.0-109.50 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libpolkit0-0.113-5.6 is installed OR polkit-0.113-5.6 is installed OR typelib-1_0-Polkit-1_0-0.113-5.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libecpg6-10.6-1.6 is installed OR libpq5-10.6-1.6 is installed OR libpq5-32bit-10.6-1.6 is installed OR postgresql10-10.6-1.6 is installed OR postgresql10-contrib-10.6-1.6 is installed OR postgresql10-docs-10.6-1.6 is installed OR postgresql10-libs-10.6-1.6 is installed OR postgresql10-server-10.6-1.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libvpx1-1.3.0-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND python-pycrypto-2.6.1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information storm-1.0.5-5 is installed OR storm-nimbus-1.0.5-5 is installed OR storm-supervisor-1.0.5-5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information git-2.26.2-27.36 is installed OR git-core-2.26.2-27.36 is installed
BACK