Oval Definition:oval:org.opensuse.security:def:56575
Revision Date:2020-12-01Version:1
Title:Security update for perl-Archive-Zip (Moderate)
Description:

This update for perl-Archive-Zip fixes the following security issue:

- CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could have used this flaw to write or overwrite arbitrary files in the context of the perl interpreter (bsc#1099497)
Family:unixClass:patch
Status:Reference(s):1005070
1005072
1005076
1022500
1038690
1039357
1053431
1069708
1071471
1099497
1111331
1119947
1127080
1133375
1136976
662458
676471
889207
897662
899908
903279
908151
928547
931448
937086
940413
942262
943989
944309
945345
951844
953233
957805
958390
959514
960857
962336
962846
962872
963572
964461
964727
965319
966054
966573
967640
968497
968687
968812
968813
969016
970604
970609
970892
970911
970948
970955
970956
970958
970970
971049
971124
971126
971159
971170
971600
971628
971793
971947
972003
972068
972174
972780
972844
972891
972951
973378
973556
973855
974418
974646
974692
975371
975488
975772
975945
976739
976821
976868
977582
977685
978401
978527
978822
979213
979347
979823
983143
986566
986858
989980
998677
CVE-2011-1709
CVE-2012-0862
CVE-2013-4143
CVE-2013-4342
CVE-2014-9717
CVE-2015-2304
CVE-2016-1583
CVE-2016-2185
CVE-2016-2186
CVE-2016-2188
CVE-2016-2335
CVE-2016-2847
CVE-2016-3134
CVE-2016-3136
CVE-2016-3137
CVE-2016-3138
CVE-2016-3140
CVE-2016-3689
CVE-2016-3951
CVE-2016-4482
CVE-2016-4486
CVE-2016-4569
CVE-2016-5418
CVE-2016-5844
CVE-2016-6250
CVE-2016-8687
CVE-2016-8688
CVE-2016-8689
CVE-2017-0358
CVE-2017-1000366
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10078
CVE-2017-10081
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10115
CVE-2017-10116
CVE-2017-10125
CVE-2017-10243
CVE-2017-15868
CVE-2017-16939
CVE-2018-10860
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16884
CVE-2019-11091
CVE-2019-1559
CVE-2019-8457
CVE-2019-9928
SUSE-SU-2016:1593-1
SUSE-SU-2016:1696-1
SUSE-SU-2016:2911-1
SUSE-SU-2017:1614-1
SUSE-SU-2017:2263-1
SUSE-SU-2018:0237-1
SUSE-SU-2018:2385-1
SUSE-SU-2018:3587-1
SUSE-SU-2019:1296-1
SUSE-SU-2019:1362-1
SUSE-SU-2019:1600-1
SUSE-SU-2019:1601-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • alsa-1.1.5-lp150.4 is installed
  • OR libasound2-1.1.5-lp150.4 is installed
  • OR libasound2-32bit-1.1.5-lp150.4 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.3 is installed
  • OR libu2f-host0-1.1.6-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND perl-Archive-Zip-1.34-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND xinetd-2.3.15-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_54-default-6-2 is installed
  • OR kgraft-patch-3_12_74-60_64_54-xen-6-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_19-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gdm-3.10.0.1-52 is installed
  • OR gdm-lang-3.10.0.1-52 is installed
  • OR gdmflexiserver-3.10.0.1-52 is installed
  • OR libgdm1-3.10.0.1-52 is installed
  • OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND shadow-4.2.1-27.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.6_02-43.36 is installed
  • OR xen-doc-html-4.7.6_02-43.36 is installed
  • OR xen-libs-4.7.6_02-43.36 is installed
  • OR xen-libs-32bit-4.7.6_02-43.36 is installed
  • OR xen-tools-4.7.6_02-43.36 is installed
  • OR xen-tools-domU-4.7.6_02-43.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libXv1-1.0.10-7 is installed
  • OR libXv1-32bit-1.0.10-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • python-cffi-1.11.2-5.11 is installed
  • OR python-cryptography-2.1.4-7.28 is installed
  • OR python-xattr-0.7.5-6.3 is installed
  • OR python3-cffi-1.11.2-5.11 is installed
  • OR python3-cryptography-2.1.4-7.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bluez-5.13-5.4 is installed
  • OR libbluetooth3-5.13-5.4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr4.10-30.5 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr4.10-30.5 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr4.10-30.5 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr4.10-30.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20190514-13.44 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
    • BACK