Oval Definition:oval:org.opensuse.security:def:56353
Revision Date:2020-12-01Version:1
Title:security update for spice-vdagent (Moderate)
Description:

This update for spice-vdagent provides the following fixes:

This security issue was fixed:

- CVE-2017-15108: Properly escape save directory that is passed to the shell to prevent local attacker with access to the session the agent runs from injecting arbitrary commands to be executed (bsc#1070724).

This non-security issue was fixed:

- Implement endian swapping, required for big-endian guests to connect to the spice client successfully. (bsc#1012215)
Family:unixClass:patch
Status:Reference(s):1012215
1038564
1040151
1042892
1052311
1052368
1070724
1083125
1085447
1090368
1090646
1107832
1108963
1110233
1150003
1150250
1176262
976777
CVE-2006-4484
CVE-2009-0186
CVE-2011-0707
CVE-2011-2696
CVE-2012-0035
CVE-2012-3386
CVE-2013-3571
CVE-2014-0019
CVE-2014-3230
CVE-2014-3421
CVE-2014-3422
CVE-2014-3423
CVE-2014-3424
CVE-2014-9273
CVE-2014-9496
CVE-2016-3697
CVE-2017-1000112
CVE-2017-13166
CVE-2017-15108
CVE-2017-2295
CVE-2017-8890
CVE-2017-9242
CVE-2018-14633
CVE-2018-14634
CVE-2018-17182
CVE-2018-8781
CVE-2018-8897
CVE-2019-1547
CVE-2019-1563
CVE-2019-20916
SUSE-SU-2016:1159-1
SUSE-SU-2017:2113-1
SUSE-SU-2017:2448-1
SUSE-SU-2018:0372-1
SUSE-SU-2018:1541-1
SUSE-SU-2019:2397-1
SUSE-SU-2020:2698-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND dracut-044.1-lp150.13 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libBasicUsageEnvironment1-2019.06.28-lp151.2.3 is installed
  • OR libUsageEnvironment3-2019.06.28-lp151.2.3 is installed
  • OR libgroupsock8-2019.06.28-lp151.2.3 is installed
  • OR libliveMedia66-2019.06.28-lp151.2.3 is installed
  • OR live555-2019.06.28-lp151.2.3 is installed
  • OR live555-devel-2019.06.28-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND spice-vdagent-0.16.0-8.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND puppet-3.8.5-15.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • emacs-24.3-14 is installed
  • OR emacs-el-24.3-14 is installed
  • OR emacs-info-24.3-14 is installed
  • OR emacs-nox-24.3-14 is installed
  • OR emacs-x11-24.3-14 is installed
  • OR etags-24.3-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_57-default-2-2 is installed
  • OR kgraft-patch-3_12_74-60_64_57-xen-2-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_20-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gv-3.7.4-1 is installed
  • OR wdiff-1.2.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • qemu-2.6.2-41.43 is installed
  • OR qemu-block-curl-2.6.2-41.43 is installed
  • OR qemu-block-rbd-2.6.2-41.43 is installed
  • OR qemu-block-ssh-2.6.2-41.43 is installed
  • OR qemu-guest-agent-2.6.2-41.43 is installed
  • OR qemu-ipxe-1.0.0-41.43 is installed
  • OR qemu-kvm-2.6.2-41.43 is installed
  • OR qemu-lang-2.6.2-41.43 is installed
  • OR qemu-seabios-1.9.1-41.43 is installed
  • OR qemu-sgabios-8-41.43 is installed
  • OR qemu-tools-2.6.2-41.43 is installed
  • OR qemu-vgabios-1.9.1-41.43 is installed
  • OR qemu-x86-2.6.2-41.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.23 is installed
  • OR libcurl4-7.37.0-37.23 is installed
  • OR libcurl4-32bit-7.37.0-37.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • perl-5.18.2-12.14 is installed
  • OR perl-32bit-5.18.2-12.14 is installed
  • OR perl-base-5.18.2-12.14 is installed
  • OR perl-doc-5.18.2-12.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bash-4.3-82 is installed
  • OR bash-doc-4.3-82 is installed
  • OR libreadline6-6.3-82 is installed
  • OR libreadline6-32bit-6.3-82 is installed
  • OR readline-doc-6.3-82 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-default-kgraft-4.4.180-94.107 is installed
  • OR kernel-default-man-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
  • OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • qemu-2.9.1-6.41 is installed
  • OR qemu-block-curl-2.9.1-6.41 is installed
  • OR qemu-block-iscsi-2.9.1-6.41 is installed
  • OR qemu-block-rbd-2.9.1-6.41 is installed
  • OR qemu-block-ssh-2.9.1-6.41 is installed
  • OR qemu-guest-agent-2.9.1-6.41 is installed
  • OR qemu-ipxe-1.0.0+-6.41 is installed
  • OR qemu-kvm-2.9.1-6.41 is installed
  • OR qemu-lang-2.9.1-6.41 is installed
  • OR qemu-seabios-1.10.2-6.41 is installed
  • OR qemu-sgabios-8-6.41 is installed
  • OR qemu-tools-2.9.1-6.41 is installed
  • OR qemu-vgabios-1.10.2-6.41 is installed
  • OR qemu-x86-2.9.1-6.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • file-5.22-10.6 is installed
  • OR file-magic-5.22-10.6 is installed
  • OR libmagic1-5.22-10.6 is installed
  • OR libmagic1-32bit-5.22-10.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND docker-1.10.3-66 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND python-pip-10.0.1-11.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • postgresql94-9.4.19-21.22 is installed
  • OR postgresql94-contrib-9.4.19-21.22 is installed
  • OR postgresql94-docs-9.4.19-21.22 is installed
  • OR postgresql94-server-9.4.19-21.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.25-3.19 is installed
  • OR mariadb-galera-10.2.25-3.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ansible-2.4.6.0-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • crowbar-core-6.0+git.1573825081.b1caf60f1-3.16 is installed
  • OR crowbar-core-branding-upstream-6.0+git.1573825081.b1caf60f1-3.16 is installed
  • OR crowbar-openstack-6.0+git.1573754820.dd036ef77-3.16 is installed
  • OR crowbar-ui-1.3.0+git.1572871359.50fc6087-14 is installed
  • OR openstack-barbican-7.0.1~dev21-3.3 is installed
  • OR openstack-barbican-api-7.0.1~dev21-3.3 is installed
  • OR openstack-barbican-keystone-listener-7.0.1~dev21-3.3 is installed
  • OR openstack-barbican-retry-7.0.1~dev21-3.3 is installed
  • OR openstack-barbican-worker-7.0.1~dev21-3.3 is installed
  • OR openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.3 is installed
  • OR openstack-keystone-14.1.1~dev28-3.16 is installed
  • OR openstack-neutron-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-dhcp-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-gbp-5.0.1~dev476-3.13 is installed
  • OR openstack-neutron-ha-tool-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-l3-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-lbaas-13.0.1~dev16-3.13 is installed
  • OR openstack-neutron-lbaas-agent-13.0.1~dev16-3.13 is installed
  • OR openstack-neutron-linuxbridge-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-macvtap-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-metadata-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-metering-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-openvswitch-agent-13.0.6~dev8-3.16 is installed
  • OR openstack-neutron-server-13.0.6~dev8-3.16 is installed
  • OR openstack-nova-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-api-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-cells-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-compute-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-conductor-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-console-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-novncproxy-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-placement-api-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-scheduler-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-serialproxy-18.2.4~dev22-3.16 is installed
  • OR openstack-nova-vncproxy-18.2.4~dev22-3.16 is installed
  • OR openstack-octavia-3.2.1~dev3-3.16 is installed
  • OR openstack-octavia-amphora-agent-3.2.1~dev3-3.16 is installed
  • OR openstack-octavia-api-3.2.1~dev3-3.16 is installed
  • OR openstack-octavia-health-manager-3.2.1~dev3-3.16 is installed
  • OR openstack-octavia-housekeeping-3.2.1~dev3-3.16 is installed
  • OR openstack-octavia-worker-3.2.1~dev3-3.16 is installed
  • OR openstack-sahara-9.0.2~dev14-3.6 is installed
  • OR openstack-sahara-api-9.0.2~dev14-3.6 is installed
  • OR openstack-sahara-engine-9.0.2~dev14-3.6 is installed
  • OR python-barbican-7.0.1~dev21-3.3 is installed
  • OR python-keystone-14.1.1~dev28-3.16 is installed
  • OR python-neutron-13.0.6~dev8-3.16 is installed
  • OR python-neutron-gbp-5.0.1~dev476-3.13 is installed
  • OR python-neutron-lbaas-13.0.1~dev16-3.13 is installed
  • OR python-nova-18.2.4~dev22-3.16 is installed
  • OR python-octavia-3.2.1~dev3-3.16 is installed
  • OR python-psutil-5.4.6-3.3 is installed
  • OR python-sahara-9.0.2~dev14-3.6 is installed
  • OR release-notes-suse-openstack-cloud-9.20191025-3.15 is installed
    • BACK