Oval Definition:	oval:org.opensuse.security:def:56343
Revision Date: 2020-12-01 Version: 1 Title: Security update for clamav (Important) Description: This update for clamav fixes the following issues: - Update to security release 0.99.3 (bsc#1077732) * CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability) * CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability) * CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. * CVE-2017-12374 (ClamAV use-after-free Vulnerabilities) * CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability) * CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability) * CVE-2017-12380 (ClamAV Null Dereference Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. * CVE-2017-6420 (bsc#1052448) - this vulnerability could have allowed remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. * CVE-2017-6419 (bsc#1052449) - ClamAV could have allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. * CVE-2017-11423 (bsc#1049423) - ClamAV could have allowed remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. * CVE-2017-6418 (bsc#1052466) - ClamAV could have allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. - update upstream keys in the keyring - provide and obsolete clamav-nodb to trigger it's removal in Leap bsc#1040662 Family: unix Class: patch Status: Reference(s): 1013669 1031702 1037396 1040311 1040312 1040313 1040662 1041764 1049423 1050577 1050578 1050579 1050581 1052311 1052368 1052448 1052449 1052466 1055960 1065083 1069222 1069226 1073313 1077732 1145092 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-3607 CVE-2009-3608 CVE-2010-3430 CVE-2010-3431 CVE-2010-3853 CVE-2011-3148 CVE-2011-3149 CVE-2011-3602 CVE-2012-3466 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-4473 CVE-2013-4474 CVE-2014-2583 CVE-2014-4362 CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055 CVE-2014-6272 CVE-2014-7819 CVE-2015-1038 CVE-2016-2335 CVE-2016-9811 CVE-2017-1000112 CVE-2017-11423 CVE-2017-11624 CVE-2017-11625 CVE-2017-11626 CVE-2017-11627 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-12595 CVE-2017-17740 CVE-2017-6418 CVE-2017-6419 CVE-2017-6420 CVE-2017-8816 CVE-2017-8817 CVE-2017-9208 CVE-2017-9209 CVE-2017-9210 CVE-2017-9287 CVE-2019-10208 SUSE-SU-2017:0189-1 SUSE-SU-2017:2437-1 SUSE-SU-2018:0122-1 SUSE-SU-2018:0255-1 SUSE-SU-2018:3066-1 SUSE-SU-2019:2159-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cron-4.2-lp150.2 is installed OR cronie-1.5.1-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information expat-2.2.5-lp151.3.3 is installed OR libexpat-devel-2.2.5-lp151.3.3 is installed OR libexpat-devel-32bit-2.2.5-lp151.3.3 is installed OR libexpat1-2.2.5-lp151.3.3 is installed OR libexpat1-32bit-2.2.5-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND clamav-0.99.3-33.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_29-default-7-2 is installed OR kgraft-patch-3_12_69-60_64_29-xen-7-2 is installed OR kgraft-patch-SLE12-SP1_Update_12-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gnome-keyring-3.20.0-27 is installed OR gnome-keyring-32bit-3.20.0-27 is installed OR gnome-keyring-lang-3.20.0-27 is installed OR gnome-keyring-pam-3.20.0-27 is installed OR gnome-keyring-pam-32bit-3.20.0-27 is installed OR libgck-modules-gnome-keyring-3.20.0-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20180703-13.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.16-48.51 is installed OR libwiretap7-2.4.16-48.51 is installed OR libwscodecs1-2.4.16-48.51 is installed OR libwsutil8-2.4.16-48.51 is installed OR wireshark-2.4.16-48.51 is installed OR wireshark-gtk-2.4.16-48.51 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dracut-044.1-9 is installed OR dracut-fips-044.1-9 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-sprockets-2_11-2.11.3-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND clamav-0.100.2-33.18 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-urllib3-1.23-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.17.0-11.27 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.25-3.19 is installed OR mariadb-galera-10.2.25-3.19 is installed
BACK