Oval Definition:oval:org.opensuse.security:def:56299
Revision Date:2020-12-01Version:1
Title:Security update for libosip2 (Moderate)
Description:



This update for libosip2 fixes several issues.

These security issues were fixed:

- CVE-2017-7853: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS (bsc#1034570). - CVE-2016-10326: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS (bsc#1034571). - CVE-2016-10325: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS (bsc#1034572). - CVE-2016-10324: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c (bsc#1034574).
Family:unixClass:patch
Status:Reference(s):1017646
1019074
1034570
1034571
1034572
1034574
1040107
1040114
1040662
1045490
1052522
1096564
1097108
1099306
1122293
1122299
1132728
1132729
1132732
1134297
930077
930078
958791
CVE-2004-0801
CVE-2007-4129
CVE-2010-4267
CVE-2011-1098
CVE-2011-1154
CVE-2011-1155
CVE-2011-2697
CVE-2011-2722
CVE-2012-0037
CVE-2012-6706
CVE-2013-0211
CVE-2013-4325
CVE-2013-6402
CVE-2013-6427
CVE-2014-8080
CVE-2014-8090
CVE-2014-9474
CVE-2015-2304
CVE-2015-4141
CVE-2015-4142
CVE-2015-6496
CVE-2015-8540
CVE-2016-10087
CVE-2016-10127
CVE-2016-10149
CVE-2016-10324
CVE-2016-10325
CVE-2016-10326
CVE-2017-11600
CVE-2017-12596
CVE-2017-7853
CVE-2017-9110
CVE-2017-9114
CVE-2018-10853
CVE-2018-11212
CVE-2018-3646
CVE-2019-2422
CVE-2019-2426
CVE-2019-2602
CVE-2019-2684
CVE-2019-2698
SUSE-SU-2015:2221-1
SUSE-SU-2017:0569-1
SUSE-SU-2017:0950-1
SUSE-SU-2017:1187-1
SUSE-SU-2017:1716-1
SUSE-SU-2018:0585-1
SUSE-SU-2018:2355-1
SUSE-SU-2019:1392-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libHX28-3.22-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND bubblewrap-0.3.3-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-65.0.3467.62-lp151.2.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • wpa_supplicant-0.7.1-6.17 is installed
  • OR wpa_supplicant-gui-0.7.1-6.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND libosip2-3.5.0-20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • hplip-3.14.6-3 is installed
  • OR hplip-hpijs-3.14.6-3 is installed
  • OR hplip-sane-3.14.6-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND clamav-0.99.2-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND coolkey-1.1.0-147 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_92-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_59-92_20-default-12-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_8-12-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • python-2.7.13-27 is installed
  • OR python-32bit-2.7.13-27 is installed
  • OR python-curses-2.7.13-27 is installed
  • OR python-demo-2.7.13-27 is installed
  • OR python-gdbm-2.7.13-27 is installed
  • OR python-idle-2.7.13-27 is installed
  • OR python-tk-2.7.13-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gstreamer-plugins-base-1.8.3-13.3 is installed
  • OR gstreamer-plugins-base-lang-1.8.3-13.3 is installed
  • OR libgstallocators-1_0-0-1.8.3-13.3 is installed
  • OR libgstapp-1_0-0-1.8.3-13.3 is installed
  • OR libgstapp-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstaudio-1_0-0-1.8.3-13.3 is installed
  • OR libgstaudio-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstfft-1_0-0-1.8.3-13.3 is installed
  • OR libgstpbutils-1_0-0-1.8.3-13.3 is installed
  • OR libgstpbutils-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstriff-1_0-0-1.8.3-13.3 is installed
  • OR libgstrtp-1_0-0-1.8.3-13.3 is installed
  • OR libgstrtsp-1_0-0-1.8.3-13.3 is installed
  • OR libgstsdp-1_0-0-1.8.3-13.3 is installed
  • OR libgsttag-1_0-0-1.8.3-13.3 is installed
  • OR libgsttag-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstvideo-1_0-0-1.8.3-13.3 is installed
  • OR libgstvideo-1_0-0-32bit-1.8.3-13.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • apache2-mod_apparmor-2.8.2-49 is installed
  • OR apparmor-docs-2.8.2-49 is installed
  • OR apparmor-parser-2.8.2-49 is installed
  • OR apparmor-profiles-2.8.2-49 is installed
  • OR apparmor-utils-2.8.2-49 is installed
  • OR libapparmor1-2.8.2-49 is installed
  • OR libapparmor1-32bit-2.8.2-49 is installed
  • OR pam_apparmor-2.8.2-49 is installed
  • OR pam_apparmor-32bit-2.8.2-49 is installed
  • OR perl-apparmor-2.8.2-49 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND conntrack-tools-1.4.2-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libecpg6-10.12-1.18 is installed
  • OR libpq5-10.12-1.18 is installed
  • OR libpq5-32bit-10.12-1.18 is installed
  • OR postgresql10-10.12-1.18 is installed
  • OR postgresql10-contrib-10.12-1.18 is installed
  • OR postgresql10-docs-10.12-1.18 is installed
  • OR postgresql10-libs-10.12-1.18 is installed
  • OR postgresql10-plperl-10.12-1.18 is installed
  • OR postgresql10-plpython-10.12-1.18 is installed
  • OR postgresql10-pltcl-10.12-1.18 is installed
  • OR postgresql10-server-10.12-1.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • crowbar-core-6.0+git.1582892022.cbd70e833-3.19 is installed
  • OR crowbar-core-branding-upstream-6.0+git.1582892022.cbd70e833-3.19 is installed
  • OR crowbar-ha-6.0+git.1574286261.6fd1a34-3.13 is installed
  • OR crowbar-openstack-6.0+git.1580922461.67fb3c087-3.19 is installed
  • OR crowbar-ui-1.3.0+git.1575896697.a01a3a08-17 is installed
  • OR keepalived-2.0.19-3.3 is installed
  • OR openstack-barbican-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-api-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-keystone-listener-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-retry-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-worker-7.0.1~dev24-3.6 is installed
  • OR openstack-ceilometer-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-central-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-compute-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-ipmi-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-notification-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-polling-11.0.2~dev21-3.10 is installed
  • OR openstack-cinder-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-api-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-backup-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-scheduler-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-volume-13.0.9~dev11-3.16 is installed
  • OR openstack-dashboard-14.1.1~dev1-3.12 is installed
  • OR openstack-dashboard-theme-SUSE-2018.2+git.1555335229.5c8dec9-3.3 is installed
  • OR openstack-designate-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-agent-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-api-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-central-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-producer-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-sink-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-worker-7.0.1~dev23-3.13 is installed
  • OR openstack-heat-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-api-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-api-cfn-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-engine-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-plugin-heat_docker-11.0.3~dev31-3.13 is installed
  • OR openstack-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed
  • OR openstack-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed
  • OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed
  • OR openstack-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed
  • OR openstack-ironic-11.1.4~dev22-3.13 is installed
  • OR openstack-ironic-api-11.1.4~dev22-3.13 is installed
  • OR openstack-ironic-conductor-11.1.4~dev22-3.13 is installed
  • OR openstack-ironic-python-agent-3.3.3~dev6-3.13 is installed
  • OR openstack-keystone-14.1.1~dev36-3.19 is installed
  • OR openstack-magnum-7.2.1~dev1-3.10 is installed
  • OR openstack-magnum-api-7.2.1~dev1-3.10 is installed
  • OR openstack-magnum-conductor-7.2.1~dev1-3.10 is installed
  • OR openstack-monasca-agent-2.8.1~dev13-3.6 is installed
  • OR openstack-neutron-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-dhcp-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-fwaas-13.0.3~dev4-3.9 is installed
  • OR openstack-neutron-gbp-5.0.1~dev491-3.16 is installed
  • OR openstack-neutron-ha-tool-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-l3-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-linuxbridge-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-macvtap-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-metadata-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-metering-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-openvswitch-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-server-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-vpnaas-13.0.2~dev6-3.6 is installed
  • OR openstack-neutron-vyatta-agent-13.0.2~dev6-3.6 is installed
  • OR openstack-nova-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-api-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-cells-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-compute-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-conductor-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-console-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-novncproxy-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-placement-api-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-scheduler-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-serialproxy-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-vncproxy-18.2.4~dev63-3.19 is installed
  • OR openstack-octavia-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-amphora-agent-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-amphora-image-0.1.2-7.6 is installed
  • OR openstack-octavia-amphora-image-x86_64-0.1.2-7.6 is installed
  • OR openstack-octavia-api-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-health-manager-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-housekeeping-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-worker-3.2.2~dev8-3.19 is installed
  • OR openstack-sahara-9.0.2~dev15-3.9 is installed
  • OR openstack-sahara-api-9.0.2~dev15-3.9 is installed
  • OR openstack-sahara-engine-9.0.2~dev15-3.9 is installed
  • OR openstack-swift-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-account-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-container-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-object-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-proxy-2.19.2~dev48-3.3 is installed
  • OR python-amqp-2.4.2-4.3 is installed
  • OR python-barbican-7.0.1~dev24-3.6 is installed
  • OR python-ceilometer-11.0.2~dev21-3.10 is installed
  • OR python-cinder-13.0.9~dev11-3.16 is installed
  • OR python-designate-7.0.1~dev23-3.13 is installed
  • OR python-heat-11.0.3~dev31-3.13 is installed
  • OR python-horizon-14.1.1~dev1-3.12 is installed
  • OR python-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed
  • OR python-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed
  • OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed
  • OR python-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed
  • OR python-ironic-11.1.4~dev22-3.13 is installed
  • OR python-ironic-lib-2.14.2-3.3 is installed
  • OR python-keystone-14.1.1~dev36-3.19 is installed
  • OR python-keystoneauth1-3.10.1~dev10-3.3 is installed
  • OR python-keystoneclient-3.17.1~dev5-3.3 is installed
  • OR python-keystoneclient-doc-3.17.1~dev5-3.3 is installed
  • OR python-keystonemiddleware-5.2.2~dev3-14 is installed
  • OR python-magnum-7.2.1~dev1-3.10 is installed
  • OR python-monasca-agent-2.8.1~dev13-3.6 is installed
  • OR python-neutron-13.0.7~dev48-3.19 is installed
  • OR python-neutron-fwaas-13.0.3~dev4-3.9 is installed
  • OR python-neutron-gbp-5.0.1~dev491-3.16 is installed
  • OR python-neutron-vpnaas-13.0.2~dev6-3.6 is installed
  • OR python-nova-18.2.4~dev63-3.19 is installed
  • OR python-octavia-3.2.2~dev8-3.19 is installed
  • OR python-openstack_auth-14.1.1~dev1-3.12 is installed
  • OR python-ovs-2.9.0-3.3 is installed
  • OR python-sahara-9.0.2~dev15-3.9 is installed
  • OR python-swift-2.19.2~dev48-3.3 is installed
  • OR ruby2.1-rubygem-crowbar-client-3.9.1-3.3 is installed
  • OR ruby2.1-rubygem-puma-2.16.0-4.3 is installed
  • OR rubygem-crowbar-client-3.9.1-3.3 is installed
  • OR rubygem-puma-2.16.0-4.3 is installed
  • OR supportutils-plugin-suse-openstack-cloud-9.0.1574431436.987b47d-3.6 is installed
    • BACK