Oval Definition:oval:org.opensuse.security:def:56582
Revision Date:2020-12-01Version:1
Title:Security update for clamav (Important)
Description:

This update for clamav fixes the following issues:

- Update to security release 0.99.3 (bsc#1077732) * CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability) * CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability) * CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. * CVE-2017-12374 (ClamAV use-after-free Vulnerabilities) * CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability) * CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability) * CVE-2017-12380 (ClamAV Null Dereference Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. * CVE-2017-6420 (bsc#1052448) - this vulnerability could have allowed remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. * CVE-2017-6419 (bsc#1052449) - ClamAV could have allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. * CVE-2017-11423 (bsc#1049423) - ClamAV could have allowed remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. * CVE-2017-6418 (bsc#1052466) - ClamAV could have allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. - update upstream keys in the keyring

- provide and obsolete clamav-nodb to trigger it's removal in Leap bsc#1040662
Family:unixClass:patch
Status:Reference(s):1008845
1012422
1020928
1035082
1035829
1040662
1041830
1043484
1043607
1043960
1045060
1045062
1045065
1045205
1048576
1049423
1050231
1052448
1052449
1052466
1061599
1062937
1066569
1066693
1067678
1068032
1068671
1070771
1070781
1071074
1071470
1071693
1071694
1071695
1072561
1072876
1077732
1092885
1096223
1098735
1104301
1107116
1107121
1122293
1122299
1129346
1130847
1132728
1132729
1132732
1134297
1137001
906574
924960
933288
933878
936227
942865
957566
957567
957598
957600
960837
971741
972127
988488
CVE-2006-0855
CVE-2007-1669
CVE-2014-7300
CVE-2014-8964
CVE-2015-2325
CVE-2015-2327
CVE-2015-2328
CVE-2015-3210
CVE-2015-3217
CVE-2015-5073
CVE-2015-8380
CVE-2015-8381
CVE-2015-8382
CVE-2015-8383
CVE-2015-8384
CVE-2015-8385
CVE-2015-8386
CVE-2015-8387
CVE-2015-8388
CVE-2015-8389
CVE-2015-8390
CVE-2015-8391
CVE-2015-8392
CVE-2015-8393
CVE-2015-8394
CVE-2015-8395
CVE-2016-10196
CVE-2016-1283
CVE-2016-1601
CVE-2016-3191
CVE-2016-5387
CVE-2016-9189
CVE-2017-11423
CVE-2017-11600
CVE-2017-12374
CVE-2017-12375
CVE-2017-12376
CVE-2017-12377
CVE-2017-12378
CVE-2017-12379
CVE-2017-12380
CVE-2017-13167
CVE-2017-15115
CVE-2017-15232
CVE-2017-15868
CVE-2017-16534
CVE-2017-16538
CVE-2017-17448
CVE-2017-17449
CVE-2017-17450
CVE-2017-17558
CVE-2017-3167
CVE-2017-3169
CVE-2017-5429
CVE-2017-5430
CVE-2017-5432
CVE-2017-5433
CVE-2017-5434
CVE-2017-5435
CVE-2017-5436
CVE-2017-5438
CVE-2017-5439
CVE-2017-5440
CVE-2017-5441
CVE-2017-5442
CVE-2017-5443
CVE-2017-5444
CVE-2017-5445
CVE-2017-5446
CVE-2017-5447
CVE-2017-5448
CVE-2017-5449
CVE-2017-5451
CVE-2017-5454
CVE-2017-5455
CVE-2017-5456
CVE-2017-5459
CVE-2017-5460
CVE-2017-5461
CVE-2017-5462
CVE-2017-5464
CVE-2017-5465
CVE-2017-5466
CVE-2017-5467
CVE-2017-5469
CVE-2017-5470
CVE-2017-5472
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CVE-2017-6418
CVE-2017-6419
CVE-2017-6420
CVE-2017-7679
CVE-2017-7749
CVE-2017-7750
CVE-2017-7751
CVE-2017-7752
CVE-2017-7754
CVE-2017-7755
CVE-2017-7756
CVE-2017-7757
CVE-2017-7758
CVE-2017-7761
CVE-2017-7763
CVE-2017-7764
CVE-2017-7765
CVE-2017-7768
CVE-2017-7778
CVE-2017-8824
CVE-2017-9788
CVE-2018-11212
CVE-2018-11806
CVE-2018-12617
CVE-2018-16428
CVE-2018-16429
CVE-2018-3639
CVE-2018-5383
CVE-2019-12450
CVE-2019-2422
CVE-2019-2426
CVE-2019-2602
CVE-2019-2684
CVE-2019-2698
CVE-2019-9636
CVE-2019-9948
SUSE-SU-2016:1818-1
SUSE-SU-2016:2971-1
SUSE-SU-2017:1669-1
SUSE-SU-2017:2449-1
SUSE-SU-2018:0031-1
SUSE-SU-2018:0255-1
SUSE-SU-2018:0373-1
SUSE-SU-2018:2565-1
SUSE-SU-2019:0427-1
SUSE-SU-2019:1392-1
SUSE-SU-2019:1439-1
SUSE-SU-2019:1722-1
SUSE-SU-2019:1772-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • avahi-0.6.32-lp150.3 is installed
  • OR avahi-lang-0.6.32-lp150.3 is installed
  • OR libavahi-client3-0.6.32-lp150.3 is installed
  • OR libavahi-common3-0.6.32-lp150.3 is installed
  • OR libavahi-core7-0.6.32-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • curl-7.60.0-lp151.5.3 is installed
  • OR curl-mini-7.60.0-lp151.5.3 is installed
  • OR libcurl-devel-7.60.0-lp151.5.3 is installed
  • OR libcurl-devel-32bit-7.60.0-lp151.5.3 is installed
  • OR libcurl-mini-devel-7.60.0-lp151.5.3 is installed
  • OR libcurl4-7.60.0-lp151.5.3 is installed
  • OR libcurl4-32bit-7.60.0-lp151.5.3 is installed
  • OR libcurl4-mini-7.60.0-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND clamav-0.99.3-33.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND zoo-2.10-1020 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-branding-SLE-52-31 is installed
  • OR MozillaFirefox-devel-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gnome-settings-daemon-3.20.1-40 is installed
  • OR gnome-settings-daemon-lang-3.20.1-40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.92 is installed
  • OR kernel-default-base-4.4.121-92.92 is installed
  • OR kernel-default-devel-4.4.121-92.92 is installed
  • OR kernel-devel-4.4.121-92.92 is installed
  • OR kernel-macros-4.4.121-92.92 is installed
  • OR kernel-source-4.4.121-92.92 is installed
  • OR kernel-syms-4.4.121-92.92 is installed
  • OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed
  • OR lttng-modules-2.7.1-9.4 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.6_04-43.39 is installed
  • OR xen-doc-html-4.7.6_04-43.39 is installed
  • OR xen-libs-4.7.6_04-43.39 is installed
  • OR xen-libs-32bit-4.7.6_04-43.39 is installed
  • OR xen-tools-4.7.6_04-43.39 is installed
  • OR xen-tools-domU-4.7.6_04-43.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-31.19 is installed
  • OR libjpeg62-62.2.0-31.19 is installed
  • OR libjpeg62-32bit-62.2.0-31.19 is installed
  • OR libjpeg62-turbo-1.5.3-31.19 is installed
  • OR libjpeg8-8.1.2-31.19 is installed
  • OR libjpeg8-32bit-8.1.2-31.19 is installed
  • OR libturbojpeg0-8.1.2-31.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_103-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libfreebl3-3.47.1-58.34 is installed
  • OR libfreebl3-32bit-3.47.1-58.34 is installed
  • OR libfreebl3-hmac-3.47.1-58.34 is installed
  • OR libfreebl3-hmac-32bit-3.47.1-58.34 is installed
  • OR libsoftokn3-3.47.1-58.34 is installed
  • OR libsoftokn3-32bit-3.47.1-58.34 is installed
  • OR libsoftokn3-hmac-3.47.1-58.34 is installed
  • OR libsoftokn3-hmac-32bit-3.47.1-58.34 is installed
  • OR mozilla-nspr-4.23-19.12 is installed
  • OR mozilla-nspr-32bit-4.23-19.12 is installed
  • OR mozilla-nss-3.47.1-58.34 is installed
  • OR mozilla-nss-32bit-3.47.1-58.34 is installed
  • OR mozilla-nss-certs-3.47.1-58.34 is installed
  • OR mozilla-nss-certs-32bit-3.47.1-58.34 is installed
  • OR mozilla-nss-sysinit-3.47.1-58.34 is installed
  • OR mozilla-nss-sysinit-32bit-3.47.1-58.34 is installed
  • OR mozilla-nss-tools-3.47.1-58.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • apache2-2.4.16-20.10 is installed
  • OR apache2-doc-2.4.16-20.10 is installed
  • OR apache2-example-pages-2.4.16-20.10 is installed
  • OR apache2-prefork-2.4.16-20.10 is installed
  • OR apache2-utils-2.4.16-20.10 is installed
  • OR apache2-worker-2.4.16-20.10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kafka-0.10.2.2-5.6 is installed
  • OR openstack-monasca-api-2.2.1~dev24-3.6 is installed
  • OR python-monasca-api-2.2.1~dev24-3.6 is installed
    • BACK