OVAL Reference oval:org.opensuse.security:def:56616

Oval Definition:

oval:org.opensuse.security:def:56616

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libxml2 (Moderate)
Description:	This update for libxml2 fixes the following security issues: - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279). - CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166). - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046). - CVE-2017-18258: The xz_head function allowed remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality did not restrict memory usage to what is required for a legitimate file (bsc#1088601).
Family:	unix	Class:	patch
Status:		Reference(s):	1013721 1013732 1013877 1015173 1026652 1049302 1049305 1049306 1049307 1049308 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1057342 1080249 1081741 1087082 1087083 1088279 1088601 1096141 1100147 1102046 1103411 1105166 1108308 1115375 1122706 1129346 1139083 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 960402 963937 967970 969522 975131 975500 981566 986228 986869 991564 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004 CVE-2015-5041 CVE-2015-7575 CVE-2015-8126 CVE-2015-8472 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-0752 CVE-2016-2119 CVE-2016-2533 CVE-2016-4009 CVE-2016-7837 CVE-2016-9800 CVE-2016-9801 CVE-2016-9804 CVE-2016-9918 CVE-2017-1000250 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-18258 CVE-2018-1050 CVE-2018-10858 CVE-2018-14404 CVE-2018-14567 CVE-2018-3639 CVE-2018-3640 CVE-2018-6871 CVE-2018-9251 CVE-2019-12900 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-3813 CVE-2019-7317 CVE-2019-9636 SUSE-SU-2016:0390-1 SUSE-SU-2016:2306-1 SUSE-SU-2017:2175-1 SUSE-SU-2018:0443-1 SUSE-SU-2018:1935-1 SUSE-SU-2018:3074-1 SUSE-SU-2018:3081-1 SUSE-SU-2019:0230-1 SUSE-SU-2019:0961-1 SUSE-SU-2019:2013-1 SUSE-SU-2019:2036-1 SUSE-SU-2019:2334-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information freerdp-2.0.0~rc2-lp150.1 is installed OR libfreerdp2-2.0.0~rc2-lp150.1 is installed OR libwinpr2-2.0.0~rc2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information apache2-mod_php7-7.2.5-lp151.6.3 is installed OR php7-7.2.5-lp151.6.3 is installed OR php7-bcmath-7.2.5-lp151.6.3 is installed OR php7-bz2-7.2.5-lp151.6.3 is installed OR php7-calendar-7.2.5-lp151.6.3 is installed OR php7-ctype-7.2.5-lp151.6.3 is installed OR php7-curl-7.2.5-lp151.6.3 is installed OR php7-dba-7.2.5-lp151.6.3 is installed OR php7-devel-7.2.5-lp151.6.3 is installed OR php7-dom-7.2.5-lp151.6.3 is installed OR php7-embed-7.2.5-lp151.6.3 is installed OR php7-enchant-7.2.5-lp151.6.3 is installed OR php7-exif-7.2.5-lp151.6.3 is installed OR php7-fastcgi-7.2.5-lp151.6.3 is installed OR php7-fileinfo-7.2.5-lp151.6.3 is installed OR php7-firebird-7.2.5-lp151.6.3 is installed OR php7-fpm-7.2.5-lp151.6.3 is installed OR php7-ftp-7.2.5-lp151.6.3 is installed OR php7-gd-7.2.5-lp151.6.3 is installed OR php7-gettext-7.2.5-lp151.6.3 is installed OR php7-gmp-7.2.5-lp151.6.3 is installed OR php7-iconv-7.2.5-lp151.6.3 is installed OR php7-intl-7.2.5-lp151.6.3 is installed OR php7-json-7.2.5-lp151.6.3 is installed OR php7-ldap-7.2.5-lp151.6.3 is installed OR php7-mbstring-7.2.5-lp151.6.3 is installed OR php7-mysql-7.2.5-lp151.6.3 is installed OR php7-odbc-7.2.5-lp151.6.3 is installed OR php7-opcache-7.2.5-lp151.6.3 is installed OR php7-openssl-7.2.5-lp151.6.3 is installed OR php7-pcntl-7.2.5-lp151.6.3 is installed OR php7-pdo-7.2.5-lp151.6.3 is installed OR php7-pear-7.2.5-lp151.6.3 is installed OR php7-pear-Archive_Tar-7.2.5-lp151.6.3 is installed OR php7-pgsql-7.2.5-lp151.6.3 is installed OR php7-phar-7.2.5-lp151.6.3 is installed OR php7-posix-7.2.5-lp151.6.3 is installed OR php7-readline-7.2.5-lp151.6.3 is installed OR php7-shmop-7.2.5-lp151.6.3 is installed OR php7-snmp-7.2.5-lp151.6.3 is installed OR php7-soap-7.2.5-lp151.6.3 is installed OR php7-sockets-7.2.5-lp151.6.3 is installed OR php7-sodium-7.2.5-lp151.6.3 is installed OR php7-sqlite-7.2.5-lp151.6.3 is installed OR php7-sysvmsg-7.2.5-lp151.6.3 is installed OR php7-sysvsem-7.2.5-lp151.6.3 is installed OR php7-sysvshm-7.2.5-lp151.6.3 is installed OR php7-testresults-7.2.5-lp151.6.3 is installed OR php7-tidy-7.2.5-lp151.6.3 is installed OR php7-tokenizer-7.2.5-lp151.6.3 is installed OR php7-wddx-7.2.5-lp151.6.3 is installed OR php7-xmlreader-7.2.5-lp151.6.3 is installed OR php7-xmlrpc-7.2.5-lp151.6.3 is installed OR php7-xmlwriter-7.2.5-lp151.6.3 is installed OR php7-xsl-7.2.5-lp151.6.3 is installed OR php7-zip-7.2.5-lp151.6.3 is installed OR php7-zlib-7.2.5-lp151.6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libxml2-2.9.4-46.15 is installed OR libxml2-2-2.9.4-46.15 is installed OR libxml2-2-32bit-2.9.4-46.15 is installed OR libxml2-tools-2.9.4-46.15 is installed OR python-libxml2-2.9.4-46.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libdcerpc-binding0-4.2.4-26 is installed OR libdcerpc-binding0-32bit-4.2.4-26 is installed OR libdcerpc0-4.2.4-26 is installed OR libdcerpc0-32bit-4.2.4-26 is installed OR libgensec0-4.2.4-26 is installed OR libgensec0-32bit-4.2.4-26 is installed OR libndr-krb5pac0-4.2.4-26 is installed OR libndr-krb5pac0-32bit-4.2.4-26 is installed OR libndr-nbt0-4.2.4-26 is installed OR libndr-nbt0-32bit-4.2.4-26 is installed OR libndr-standard0-4.2.4-26 is installed OR libndr-standard0-32bit-4.2.4-26 is installed OR libndr0-4.2.4-26 is installed OR libndr0-32bit-4.2.4-26 is installed OR libnetapi0-4.2.4-26 is installed OR libnetapi0-32bit-4.2.4-26 is installed OR libregistry0-4.2.4-26 is installed OR libsamba-credentials0-4.2.4-26 is installed OR libsamba-credentials0-32bit-4.2.4-26 is installed OR libsamba-hostconfig0-4.2.4-26 is installed OR libsamba-hostconfig0-32bit-4.2.4-26 is installed OR libsamba-passdb0-4.2.4-26 is installed OR libsamba-passdb0-32bit-4.2.4-26 is installed OR libsamba-util0-4.2.4-26 is installed OR libsamba-util0-32bit-4.2.4-26 is installed OR libsamdb0-4.2.4-26 is installed OR libsamdb0-32bit-4.2.4-26 is installed OR libsmbclient-raw0-4.2.4-26 is installed OR libsmbclient-raw0-32bit-4.2.4-26 is installed OR libsmbclient0-4.2.4-26 is installed OR libsmbclient0-32bit-4.2.4-26 is installed OR libsmbconf0-4.2.4-26 is installed OR libsmbconf0-32bit-4.2.4-26 is installed OR libsmbldap0-4.2.4-26 is installed OR libsmbldap0-32bit-4.2.4-26 is installed OR libtevent-util0-4.2.4-26 is installed OR libtevent-util0-32bit-4.2.4-26 is installed OR libwbclient0-4.2.4-26 is installed OR libwbclient0-32bit-4.2.4-26 is installed OR samba-4.2.4-26 is installed OR samba-32bit-4.2.4-26 is installed OR samba-client-4.2.4-26 is installed OR samba-client-32bit-4.2.4-26 is installed OR samba-doc-4.2.4-26 is installed OR samba-libs-4.2.4-26 is installed OR samba-libs-32bit-4.2.4-26 is installed OR samba-winbind-4.2.4-26 is installed OR samba-winbind-32bit-4.2.4-26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-demo-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-devel-1.8.0.144-27.5 is installed OR java-1_8_0-openjdk-headless-1.8.0.144-27.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libX11-6-1.6.2-4 is installed OR libX11-6-32bit-1.6.2-4 is installed OR libX11-data-1.6.2-4 is installed OR libX11-xcb1-1.6.2-4 is installed OR libX11-xcb1-32bit-1.6.2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.30 is installed OR openssh-askpass-gnome-7.2p2-74.30 is installed OR openssh-fips-7.2p2-74.30 is installed OR openssh-helpers-7.2p2-74.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information curl-7.37.0-36 is installed OR libcurl4-7.37.0-36 is installed OR libcurl4-32bit-7.37.0-36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-devel-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND binutils-2.31-9.26 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-actionview-4_2-4.2.2-5 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND ucode-intel-20180703-13.25 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-urllib3-1.22-5.6 is installed

BACK