Oval Definition:oval:org.opensuse.security:def:56619
Revision Date:2020-12-01Version:1
Title:Security update for libX11 and libxcb (Moderate)
Description:

This update for libX11 and libxcb fixes the following issue:

libX11:

These security issues were fixed:

- CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact (bsc#1102062). - CVE-2018-14600: The function XListExtensions interpreted a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution (bsc#1102068). - CVE-2018-14598: A malicious server could have sent a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault) (bsc#1102073).

This non-security issue was fixed:

- Make use of the new 64-bit sequence number API in XCB 1.11.1 to avoid the 32-bit sequence number wrap in libX11 (bsc#1094327).

libxcb:

- Expose 64-bit sequence number from XCB API so that Xlib and others can use it even on 32-bit environment. (bsc#1094327)
Family:unixClass:patch
Status:Reference(s):1021578
1027519
1040039
1047184
1053431
1076118
1077724
1077725
1077978
1087289
1094327
1094725
1095242
1096224
1097521
1097522
1097523
1102062
1102068
1102073
1107832
1108963
1110233
1111634
1111635
1115375
1135715
1138459
1141780
1141782
1141783
1141784
1141785
1141786
1141787
1141789
1141853
1148931
1149496
1168404
1168407
1169066
964845
964847
964849
984650
991389
991390
991391
991746
997420
CVE-2013-1982
CVE-2015-3226
CVE-2015-3227
CVE-2015-8803
CVE-2015-8804
CVE-2015-8805
CVE-2016-1372
CVE-2016-5419
CVE-2016-5420
CVE-2016-5421
CVE-2016-7141
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10081
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10115
CVE-2017-10116
CVE-2017-10125
CVE-2017-10243
CVE-2017-17969
CVE-2017-3145
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-11806
CVE-2018-12891
CVE-2018-12892
CVE-2018-12893
CVE-2018-14598
CVE-2018-14599
CVE-2018-14600
CVE-2018-14633
CVE-2018-14634
CVE-2018-17182
CVE-2018-20852
CVE-2018-3665
CVE-2018-5996
CVE-2019-10160
CVE-2019-2745
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-2842
CVE-2019-5482
CVE-2019-7317
CVE-2019-8595
CVE-2019-8607
CVE-2019-8615
CVE-2019-8644
CVE-2019-8649
CVE-2019-8658
CVE-2019-8666
CVE-2019-8669
CVE-2019-8671
CVE-2019-8672
CVE-2019-8673
CVE-2019-8676
CVE-2019-8677
CVE-2019-8678
CVE-2019-8679
CVE-2019-8680
CVE-2019-8681
CVE-2019-8683
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
SUSE-SU-2016:0455-1
SUSE-SU-2016:2330-1
SUSE-SU-2017:2280-1
SUSE-SU-2018:0303-1
SUSE-SU-2018:0464-1
SUSE-SU-2018:2081-1
SUSE-SU-2018:3102-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:2036-1
SUSE-SU-2019:2091-1
SUSE-SU-2019:2339-2
SUSE-SU-2019:2345-2
SUSE-SU-2020:1111-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gcab-1.1-lp150.1 is installed
  • OR gcab-lang-1.1-lp150.1 is installed
  • OR libgcab-1_0-0-1.1-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libipa_hbac-devel-1.16.1-lp151.7.3 is installed
  • OR libipa_hbac0-1.16.1-lp151.7.3 is installed
  • OR libnfsidmap-sss-1.16.1-lp151.7.3 is installed
  • OR libsss_certmap-devel-1.16.1-lp151.7.3 is installed
  • OR libsss_certmap0-1.16.1-lp151.7.3 is installed
  • OR libsss_idmap-devel-1.16.1-lp151.7.3 is installed
  • OR libsss_idmap0-1.16.1-lp151.7.3 is installed
  • OR libsss_nss_idmap-devel-1.16.1-lp151.7.3 is installed
  • OR libsss_nss_idmap0-1.16.1-lp151.7.3 is installed
  • OR libsss_simpleifp-devel-1.16.1-lp151.7.3 is installed
  • OR libsss_simpleifp0-1.16.1-lp151.7.3 is installed
  • OR python3-ipa_hbac-1.16.1-lp151.7.3 is installed
  • OR python3-sss-murmur-1.16.1-lp151.7.3 is installed
  • OR python3-sss_nss_idmap-1.16.1-lp151.7.3 is installed
  • OR python3-sssd-config-1.16.1-lp151.7.3 is installed
  • OR sssd-1.16.1-lp151.7.3 is installed
  • OR sssd-32bit-1.16.1-lp151.7.3 is installed
  • OR sssd-ad-1.16.1-lp151.7.3 is installed
  • OR sssd-dbus-1.16.1-lp151.7.3 is installed
  • OR sssd-ipa-1.16.1-lp151.7.3 is installed
  • OR sssd-krb5-1.16.1-lp151.7.3 is installed
  • OR sssd-krb5-common-1.16.1-lp151.7.3 is installed
  • OR sssd-ldap-1.16.1-lp151.7.3 is installed
  • OR sssd-proxy-1.16.1-lp151.7.3 is installed
  • OR sssd-tools-1.16.1-lp151.7.3 is installed
  • OR sssd-wbclient-1.16.1-lp151.7.3 is installed
  • OR sssd-wbclient-devel-1.16.1-lp151.7.3 is installed
  • OR sssd-winbind-idmap-1.16.1-lp151.7.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-67.0.3575.97-lp151.2.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libX11-1.6.2-12.5 is installed
  • OR libX11-6-1.6.2-12.5 is installed
  • OR libX11-6-32bit-1.6.2-12.5 is installed
  • OR libX11-data-1.6.2-12.5 is installed
  • OR libX11-xcb1-1.6.2-12.5 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.5 is installed
  • OR libxcb-1.10-4.3 is installed
  • OR libxcb-dri2-0-1.10-4.3 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.3 is installed
  • OR libxcb-dri3-0-1.10-4.3 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.3 is installed
  • OR libxcb-glx0-1.10-4.3 is installed
  • OR libxcb-glx0-32bit-1.10-4.3 is installed
  • OR libxcb-present0-1.10-4.3 is installed
  • OR libxcb-present0-32bit-1.10-4.3 is installed
  • OR libxcb-randr0-1.10-4.3 is installed
  • OR libxcb-render0-1.10-4.3 is installed
  • OR libxcb-render0-32bit-1.10-4.3 is installed
  • OR libxcb-shape0-1.10-4.3 is installed
  • OR libxcb-shm0-1.10-4.3 is installed
  • OR libxcb-shm0-32bit-1.10-4.3 is installed
  • OR libxcb-sync1-1.10-4.3 is installed
  • OR libxcb-sync1-32bit-1.10-4.3 is installed
  • OR libxcb-xf86dri0-1.10-4.3 is installed
  • OR libxcb-xfixes0-1.10-4.3 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.3 is installed
  • OR libxcb-xinerama0-1.10-4.3 is installed
  • OR libxcb-xkb1-1.10-4.3 is installed
  • OR libxcb-xkb1-32bit-1.10-4.3 is installed
  • OR libxcb-xv0-1.10-4.3 is installed
  • OR libxcb1-1.10-4.3 is installed
  • OR libxcb1-32bit-1.10-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • curl-7.37.0-28 is installed
  • OR libcurl4-7.37.0-28 is installed
  • OR libcurl4-32bit-7.37.0-28 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXext6-1.3.2-3 is installed
  • OR libXext6-32bit-1.3.2-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libwireshark9-2.4.9-48.29 is installed
  • OR libwiretap7-2.4.9-48.29 is installed
  • OR libwscodecs1-2.4.9-48.29 is installed
  • OR libwsutil8-2.4.9-48.29 is installed
  • OR wireshark-2.4.9-48.29 is installed
  • OR wireshark-gtk-2.4.9-48.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND davfs2-1.5.2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • qemu-2.9.1-6.44 is installed
  • OR qemu-block-curl-2.9.1-6.44 is installed
  • OR qemu-block-iscsi-2.9.1-6.44 is installed
  • OR qemu-block-rbd-2.9.1-6.44 is installed
  • OR qemu-block-ssh-2.9.1-6.44 is installed
  • OR qemu-guest-agent-2.9.1-6.44 is installed
  • OR qemu-ipxe-1.0.0+-6.44 is installed
  • OR qemu-kvm-2.9.1-6.44 is installed
  • OR qemu-lang-2.9.1-6.44 is installed
  • OR qemu-seabios-1.10.2-6.44 is installed
  • OR qemu-sgabios-8-6.44 is installed
  • OR qemu-tools-2.9.1-6.44 is installed
  • OR qemu-vgabios-1.10.2-6.44 is installed
  • OR qemu-x86-2.9.1-6.44 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bzip2-1.0.6-29 is installed
  • OR bzip2-doc-1.0.6-29 is installed
  • OR libbz2-1-1.0.6-29 is installed
  • OR libbz2-1-32bit-1.0.6-29 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-activesupport-4_2-4.2.2-2 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND python-setuptools-18.0.1-4.8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.6_02-43.36 is installed
  • OR xen-doc-html-4.7.6_02-43.36 is installed
  • OR xen-libs-4.7.6_02-43.36 is installed
  • OR xen-libs-32bit-4.7.6_02-43.36 is installed
  • OR xen-tools-4.7.6_02-43.36 is installed
  • OR xen-tools-domU-4.7.6_02-43.36 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
  • BACK