Oval Definition:	oval:org.opensuse.security:def:56635
Revision Date: 2020-12-01 Version: 1 Title: Security update for zziplib (Moderate) Description: This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. (bsc#1110687) Family: unix Class: patch Status: Reference(s): 1007869 1007870 1007871 1027353 1052311 1052368 1056865 1081164 1081556 1087200 1102775 1104668 1109412 1109413 1109414 1109465 1110687 1111122 1111996 1112534 1112535 1113247 1113252 1113255 1114674 1116827 1117473 1118830 1118831 1120640 1121034 1121035 1121056 1123156 1123482 1124525 1133131 1133232 1133810 1140868 1141913 1142772 1145559 1145665 1146873 1149323 1149811 1161066 1163018 1166240 1170940 798458 817781 857188 858676 858677 926826 965803 965807 965810 974449 974614 974618 975069 975070 983273 CVE-2009-2412 CVE-2011-0419 CVE-2011-1928 CVE-2011-4971 CVE-2013-0179 CVE-2013-7239 CVE-2013-7290 CVE-2013-7291 CVE-2015-8899 CVE-2016-1521 CVE-2016-1523 CVE-2016-1526 CVE-2016-3622 CVE-2016-3623 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 CVE-2017-1000112 CVE-2017-12133 CVE-2017-9951 CVE-2018-1000876 CVE-2018-12539 CVE-2018-1517 CVE-2018-1656 CVE-2018-17358 CVE-2018-17359 CVE-2018-17360 CVE-2018-17828 CVE-2018-17985 CVE-2018-18065 CVE-2018-18309 CVE-2018-18311 CVE-2018-18483 CVE-2018-18484 CVE-2018-18605 CVE-2018-18606 CVE-2018-18607 CVE-2018-19931 CVE-2018-19932 CVE-2018-20623 CVE-2018-20651 CVE-2018-20671 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2019-1010180 CVE-2019-11500 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11718 CVE-2019-11719 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11729 CVE-2019-11730 CVE-2019-11733 CVE-2019-11735 CVE-2019-11736 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11751 CVE-2019-11752 CVE-2019-11753 CVE-2019-12068 CVE-2019-15890 CVE-2019-6778 CVE-2019-9811 CVE-2019-9812 CVE-2020-1711 CVE-2020-1983 CVE-2020-7039 CVE-2020-8608 SUSE-SU-2015:2056-2 SUSE-SU-2016:0779-1 SUSE-SU-2016:2508-1 SUSE-SU-2016:3269-1 SUSE-SU-2017:2442-1 SUSE-SU-2018:0655-1 SUSE-SU-2018:0807-1 SUSE-SU-2018:2649-1 SUSE-SU-2018:3379-1 SUSE-SU-2018:3447-1 SUSE-SU-2019:2264-1 SUSE-SU-2019:2454-1 SUSE-SU-2019:2620-1 SUSE-SU-2019:2650-1 SUSE-SU-2020:1514-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gpg2-2.2.5-lp150.2 is installed OR gpg2-lang-2.2.5-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information ncat-7.70-lp151.3.3 is installed OR ndiff-7.70-lp151.3.3 is installed OR nmap-7.70-lp151.3.3 is installed OR nping-7.70-lp151.3.3 is installed OR zenmap-7.70-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libzzip-0-13-0.13.67-10.14 is installed OR zziplib-0.13.67-10.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libksba-1.3.0-18 is installed OR libksba8-1.3.0-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-5-2 is installed OR kgraft-patch-3_12_69-60_64_35-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_14-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libapr1-1.5.1-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ImageMagick-6.8.8.1-71.108 is installed OR ImageMagick-config-6-SUSE-6.8.8.1-71.108 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.108 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.108 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information curl-7.37.0-37.47 is installed OR libcurl4-7.37.0-37.47 is installed OR libcurl4-32bit-7.37.0-37.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.60-38.47 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.60-38.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information dnsmasq-2.71-13 is installed OR dnsmasq-utils-2.71-13 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
BACK