OVAL Reference oval:org.opensuse.security:def:56623

Oval Definition:

oval:org.opensuse.security:def:56623

Revision Date:	2020-12-01	Version:	1
Title:	Security update for fuse (Moderate)
Description:	This update for fuse fixes the following security issue: - CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects (bsc#1101797)
Family:	unix	Class:	patch
Status:		Reference(s):	1023415 1051684 1051685 1053259 1059061 1068032 1073935 1076119 1082858 1101410 1101412 1101654 1101797 1103040 1107832 1108963 1110233 1135902 1137825 1139945 1140402 1143794 1150011 1165439 1166844 578053 954210 966435 966436 987170 990856 CVE-2007-4772 CVE-2013-0156 CVE-2013-1985 CVE-2015-8079 CVE-2016-0766 CVE-2016-0773 CVE-2016-6354 CVE-2017-3144 CVE-2017-5715 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2018-0360 CVE-2018-0361 CVE-2018-1000085 CVE-2018-10906 CVE-2018-14633 CVE-2018-14634 CVE-2018-14679 CVE-2018-17182 CVE-2019-12155 CVE-2019-12387 CVE-2019-12781 CVE-2019-13164 CVE-2019-14378 CVE-2019-14822 CVE-2020-10531 CVE-2020-1747 SUSE-SU-2016:0555-1 SUSE-SU-2016:2397-1 SUSE-SU-2017:2356-1 SUSE-SU-2018:0041-1 SUSE-SU-2018:0532-1 SUSE-SU-2018:2323-1 SUSE-SU-2018:3219-1 SUSE-SU-2019:2066-1 SUSE-SU-2019:2221-1 SUSE-SU-2019:2379-1 SUSE-SU-2019:2389-1 SUSE-SU-2020:1180-1 SUSE-SU-2020:1285-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gegl-0_3-0.3.34-lp150.1 is installed OR gegl-0_3-lang-0.3.34-lp150.1 is installed OR libgegl-0_3-0-0.3.34-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libnetpbm-devel-10.80.1-lp151.4.3 is installed OR libnetpbm11-10.80.1-lp151.4.3 is installed OR libnetpbm11-32bit-10.80.1-lp151.4.3 is installed OR netpbm-10.80.1-lp151.4.3 is installed OR netpbm-vulnerable-10.80.1-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information at-3.1.14-7 is installed OR cyrus-imapd-2.3.18-40 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR kdelibs4-4.12.0-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed OR openslp-2.0.0-11 is installed OR openslp-32bit-2.0.0-11 is installed OR openslp-server-2.0.0-11 is installed OR perl-Cyrus-IMAP-2.3.18-40 is installed OR perl-Cyrus-SIEVE-managesieve-2.3.18-40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libecpg6-9.6.4-3.6 is installed OR libpq5-9.6.4-3.6 is installed OR libpq5-32bit-9.6.4-3.6 is installed OR postgresql96-9.6.4-3.6 is installed OR postgresql96-contrib-9.6.4-3.6 is installed OR postgresql96-docs-9.6.4-3.6 is installed OR postgresql96-libs-9.6.4-3.6 is installed OR postgresql96-server-9.6.4-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXinerama1-1.1.3-3 is installed OR libXinerama1-32bit-1.1.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.4.0esr-109.55 is installed OR MozillaFirefox-devel-60.4.0esr-109.55 is installed OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed OR libfreebl3-3.40.1-58.18 is installed OR libfreebl3-32bit-3.40.1-58.18 is installed OR libsoftokn3-3.40.1-58.18 is installed OR libsoftokn3-32bit-3.40.1-58.18 is installed OR mozilla-nspr-4.20-19.6 is installed OR mozilla-nspr-32bit-4.20-19.6 is installed OR mozilla-nss-3.40.1-58.18 is installed OR mozilla-nss-32bit-3.40.1-58.18 is installed OR mozilla-nss-certs-3.40.1-58.18 is installed OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed OR mozilla-nss-tools-3.40.1-58.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information qemu-2.6.2-41.43 is installed OR qemu-block-curl-2.6.2-41.43 is installed OR qemu-block-rbd-2.6.2-41.43 is installed OR qemu-block-ssh-2.6.2-41.43 is installed OR qemu-guest-agent-2.6.2-41.43 is installed OR qemu-ipxe-1.0.0-41.43 is installed OR qemu-kvm-2.6.2-41.43 is installed OR qemu-lang-2.6.2-41.43 is installed OR qemu-seabios-1.9.1-41.43 is installed OR qemu-sgabios-8-41.43 is installed OR qemu-tools-2.6.2-41.43 is installed OR qemu-vgabios-1.9.1-41.43 is installed OR qemu-x86-2.6.2-41.43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND dnsmasq-2.76-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_0-openjdk-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-demo-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-devel-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-headless-1.7.0.261-43.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-extlib-0.9.16-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 6-LTSS is installed AND python-PyYAML-5.1.2-26.12 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND clamav-0.100.1-33.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed

BACK