Oval Definition:	oval:org.opensuse.security:def:56231
Revision Date: 2020-12-01 Version: 1 Title: Security update for expat (Moderate) Description: This update for expat fixes the following security issues: - CVE-2012-6702: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. (bsc#983215) - CVE-2016-5300: The XML parser in Expat did not use sufficient entropy for hash initialization, which allowed context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876. (bsc#983216) Family: unix Class: patch Status: Reference(s): 1037559 1038231 1063671 1064392 1066471 1066472 1068032 1160467 1160468 922741 942801 948791 967087 983215 983216 CVE-2009-3235 CVE-2011-1526 CVE-2011-3372 CVE-2011-4862 CVE-2012-6702 CVE-2013-0175 CVE-2013-1571 CVE-2013-1991 CVE-2013-2000 CVE-2014-0011 CVE-2014-6272 CVE-2014-8240 CVE-2015-0247 CVE-2015-0255 CVE-2015-1572 CVE-2015-4491 CVE-2015-7674 CVE-2016-1523 CVE-2016-5300 CVE-2017-13080 CVE-2017-15649 CVE-2017-5715 CVE-2017-7494 CVE-2017-8779 CVE-2019-14896 CVE-2019-14897 SUSE-SU-2015:1787-1 SUSE-SU-2016:0554-1 SUSE-SU-2017:0424-1 SUSE-SU-2017:1328-1 SUSE-SU-2017:1392-1 SUSE-SU-2017:3158-1 SUSE-SU-2018:0056-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dracut-044.1-lp150.13 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-76.0.3809.87-lp151.2.15 is installed OR chromium-76.0.3809.87-lp151.2.15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gtk2-2.18.9-0.35 is installed OR gtk2-32bit-2.18.9-0.35 is installed OR gtk2-lang-2.18.9-0.35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information expat-2.1.0-20 is installed OR libexpat1-2.1.0-20 is installed OR libexpat1-32bit-2.1.0-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_60-default-3-2 is installed OR kgraft-patch-3_12_74-60_64_60-xen-3-2 is installed OR kgraft-patch-SLE12-SP1_Update_21-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information krb5-appl-clients-1.0.3-1 is installed OR krb5-appl-servers-1.0.3-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information glibc-2.22-62.13 is installed OR glibc-32bit-2.22-62.13 is installed OR glibc-devel-2.22-62.13 is installed OR glibc-devel-32bit-2.22-62.13 is installed OR glibc-html-2.22-62.13 is installed OR glibc-i18ndata-2.22-62.13 is installed OR glibc-info-2.22-62.13 is installed OR glibc-locale-2.22-62.13 is installed OR glibc-locale-32bit-2.22-62.13 is installed OR glibc-profile-2.22-62.13 is installed OR glibc-profile-32bit-2.22-62.13 is installed OR nscd-2.22-62.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information python3-rpm-4.11.2-16.21 is installed OR rpm-4.11.2-16.21 is installed OR rpm-32bit-4.11.2-16.21 is installed OR rpm-build-4.11.2-16.21 is installed OR rpm-python-4.11.2-16.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libsoup-2_4-1-2.54.1-4 is installed OR libsoup-2_4-1-32bit-2.54.1-4 is installed OR libsoup-lang-2.54.1-4 is installed OR typelib-1_0-Soup-2_4-2.54.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information xen-4.9.3_03-3.47 is installed OR xen-doc-html-4.9.3_03-3.47 is installed OR xen-libs-4.9.3_03-3.47 is installed OR xen-libs-32bit-4.9.3_03-3.47 is installed OR xen-tools-4.9.3_03-3.47 is installed OR xen-tools-domU-4.9.3_03-3.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libzypp-16.19.0-2.36 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-multi_xml-0.5.5-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.121 is installed OR kernel-default-base-4.4.180-94.121 is installed OR kernel-default-devel-4.4.180-94.121 is installed OR kernel-default-kgraft-4.4.180-94.121 is installed OR kernel-devel-4.4.180-94.121 is installed OR kernel-macros-4.4.180-94.121 is installed OR kernel-source-4.4.180-94.121 is installed OR kernel-syms-4.4.180-94.121 is installed OR kgraft-patch-4_4_180-94_121-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_32-1-4.5 is installed
BACK