OVAL Reference oval:org.opensuse.security:def:56594

Oval Definition:

oval:org.opensuse.security:def:56594

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libzypp, zypper (Important)
Description:	This update for libzypp, zypper fixes the following issues: Update libzypp to version 16.17.20: Security issues fixed: - PackageProvider: Validate deta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) - PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed: - lsof: use '-K i' if lsof supports it (bsc#1099847, bsc#1036304) - Handle http error 502 Bad Gateway in curl backend (bsc#1070851) - RepoManager: Explicitly request repo2solv to generate application pseudo packages. - libzypp-devel should not require cmake (bsc#1101349) - HardLocksFile: Prevent against empty commit without Target having been been loaded (bsc#1096803) - Avoid zombie tar processes (bsc#1076192) Update to zypper to version 1.13.45: Security issues fixed: - Improve signature check callback messages (bsc#1045735, CVE-2017-9269) - add/modify repo: Add options to tune the GPG check settings (bsc#1045735, CVE-2017-9269) Other bugs fixed: - XML attribute `packages-to-change` added (bsc#1102429) - man: Strengthen that `--config FILE' affects zypper.conf, not zypp.conf (bsc#1100028) - Prevent nested calls to exit() if aborted by a signal (bsc#1092413) - ansi.h: Prevent ESC sequence strings from going out of scope (bsc#1092413) - Fix: zypper bash completion expands non-existing options (bsc#1049825) - Improve signature check callback messages (bsc#1045735) - add/modify repo: Add options to tune the GPG check settings (bsc#1045735)
Family:	unix	Class:	patch
Status:		Reference(s):	1000106 1003030 1003032 1003870 1004016 1005004 1005005 1007157 1007160 1009100 1009103 1009104 1009107 1009108 1009109 1009111 1011652 1012183 1012759 1012852 1013543 1014271 1021417 1025013 1025254 1030575 1031481 1036304 1039496 1045735 1049825 1056061 1066198 1069708 1070851 1071471 1076192 1078431 1088705 1091624 1092413 1096803 1099658 1099847 1100028 1101349 1102429 1106284 1110785 1111622 1113769 1120843 1120885 1122292 1122293 1122299 1128158 1131543 1131565 1132374 1132472 1133191 1134537 1134596 1134848 1135281 1135603 1136424 1136446 1136586 1136935 1137586 1137597 1139083 900418 943457 949889 953339 953362 953518 954872 957986 958848 961600 963161 964427 973188 973631 974038 975130 975138 975907 976058 976111 978164 978295 978413 979620 979670 980716 980724 981264 981276 982024 982025 982026 982224 982225 982286 982695 982960 983973 983984 984981 985503 986586 988675 988676 990843 990923 CVE-2011-3630 CVE-2011-3631 CVE-2011-3632 CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 CVE-2014-3672 CVE-2014-8124 CVE-2015-3988 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3960 CVE-2016-4001 CVE-2016-4002 CVE-2016-4020 CVE-2016-4037 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4952 CVE-2016-4962 CVE-2016-4963 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6258 CVE-2016-6259 CVE-2016-6351 CVE-2016-7777 CVE-2016-7908 CVE-2016-7909 CVE-2016-7995 CVE-2016-8576 CVE-2016-8667 CVE-2016-8669 CVE-2016-8909 CVE-2016-8910 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9385 CVE-2016-9386 CVE-2016-9637 CVE-2017-1000364 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13087 CVE-2017-13088 CVE-2017-15868 CVE-2017-16239 CVE-2017-16939 CVE-2017-7500 CVE-2017-7501 CVE-2017-9269 CVE-2018-11212 CVE-2018-17972 CVE-2018-18074 CVE-2018-1890 CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-7191 CVE-2018-7685 CVE-2019-11190 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11487 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-12900 CVE-2019-2422 CVE-2019-2449 CVE-2019-3846 CVE-2019-5489 SUSE-SU-2016:2093-1 SUSE-SU-2016:3083-1 SUSE-SU-2017:1909-1 SUSE-SU-2017:2745-1 SUSE-SU-2017:3080-1 SUSE-SU-2018:0268-1 SUSE-SU-2018:0697-1 SUSE-SU-2018:2814-1 SUSE-SU-2018:3884-1 SUSE-SU-2019:0617-1 SUSE-SU-2019:1534-1 SUSE-SU-2019:1668-1 SUSE-SU-2019:2013-1 SUSE-SU-2019:2027-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information cpio-2.12-lp150.1 is installed OR cpio-lang-2.12-lp150.1 is installed OR cpio-mt-2.12-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.3 is installed OR bzip2-doc-1.0.6-lp151.5.3 is installed OR libbz2-1-1.0.6-lp151.5.3 is installed OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed OR libbz2-devel-1.0.6-lp151.5.3 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libzypp-16.17.20-2.33 is installed OR zypper-1.13.45-21.21 is installed OR zypper-log-1.13.45-21.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information xen-4.5.3_08-17 is installed OR xen-doc-html-4.5.3_08-17 is installed OR xen-kmp-default-4.5.3_08_k3.12.59_60.45-17 is installed OR xen-libs-4.5.3_08-17 is installed OR xen-libs-32bit-4.5.3_08-17 is installed OR xen-tools-4.5.3_08-17 is installed OR xen-tools-domU-4.5.3_08-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_18-default-8-3 is installed OR kgraft-patch-3_12_67-60_64_18-xen-8-3 is installed OR kgraft-patch-SLE12-SP1_Update_9-8-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND hardlink-1.0-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_20-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_8-12-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information git-2.12.3-27.22 is installed OR git-core-2.12.3-27.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsqlite3-0-3.8.10.2-9.15 is installed OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed OR sqlite3-3.8.10.2-9.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information openstack-dashboard-8.0.2~a0~dev7-2 is installed OR python-horizon-8.0.2~a0~dev7-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openstack-nova-14.0.10~dev13-4.11 is installed OR openstack-nova-api-14.0.10~dev13-4.11 is installed OR openstack-nova-cells-14.0.10~dev13-4.11 is installed OR openstack-nova-cert-14.0.10~dev13-4.11 is installed OR openstack-nova-compute-14.0.10~dev13-4.11 is installed OR openstack-nova-conductor-14.0.10~dev13-4.11 is installed OR openstack-nova-console-14.0.10~dev13-4.11 is installed OR openstack-nova-consoleauth-14.0.10~dev13-4.11 is installed OR openstack-nova-doc-14.0.10~dev13-4.11 is installed OR openstack-nova-novncproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-placement-api-14.0.10~dev13-4.11 is installed OR openstack-nova-scheduler-14.0.10~dev13-4.11 is installed OR openstack-nova-serialproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-vncproxy-14.0.10~dev13-4.11 is installed OR python-nova-14.0.10~dev13-4.11 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed

BACK