Oval Definition:oval:org.opensuse.security:def:56640
Revision Date:2020-12-01Version:1
Title:Security update for clamav (Moderate)
Description:

This update for clamav fixes the following issues:

clamav was updated to version 0.100.2:

- CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. (bsc#1110723) - CVE-2018-14680, CVE-2018-14681, CVE-2018-14682: more fixes for embedded libmspack. (bsc#1103040)

- Make freshclam more robust against lagging signature mirrors. - On-Access 'Extra Scanning', an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048

- Restore exit code compatibility of freshclam with versions before 0.100.0 when the virus database is already up to date (bsc#1104457).
Family:unixClass:patch
Status:Reference(s):1003898
1044947
1047002
1056278
1056280
1056281
1056282
1057406
1082877
1086774
1086775
1086813
1086814
1086817
1086820
1103040
1104457
1105437
1105459
1105460
1110723
1112852
1126140
1126141
1126192
1126195
1126196
1126198
1126201
1127400
1141780
1141782
1141783
1141785
1141789
1143797
1146874
1147021
1149813
1150733
1151021
1160467
1160468
939342
953817
963017
CVE-2009-1886
CVE-2009-1888
CVE-2009-2813
CVE-2009-2906
CVE-2009-2948
CVE-2010-0547
CVE-2010-0728
CVE-2010-0787
CVE-2010-0926
CVE-2010-1635
CVE-2010-1642
CVE-2010-2063
CVE-2010-3069
CVE-2011-0719
CVE-2011-2522
CVE-2011-2694
CVE-2012-0817
CVE-2012-0870
CVE-2012-1182
CVE-2012-2111
CVE-2012-6150
CVE-2013-0172
CVE-2013-0213
CVE-2013-0214
CVE-2013-0454
CVE-2013-1863
CVE-2013-4124
CVE-2013-4408
CVE-2013-4475
CVE-2013-4476
CVE-2013-4496
CVE-2013-6442
CVE-2014-0178
CVE-2014-0239
CVE-2014-0244
CVE-2014-3493
CVE-2014-3560
CVE-2014-8143
CVE-2015-0240
CVE-2015-3223
CVE-2015-3228
CVE-2015-5252
CVE-2015-5296
CVE-2015-5299
CVE-2015-5330
CVE-2015-5370
CVE-2015-7560
CVE-2015-8023
CVE-2015-8467
CVE-2016-2110
CVE-2016-2111
CVE-2016-2112
CVE-2016-2113
CVE-2016-2115
CVE-2016-2118
CVE-2016-2119
CVE-2017-10790
CVE-2017-14316
CVE-2017-14317
CVE-2017-14318
CVE-2017-14319
CVE-2017-15710
CVE-2017-15715
CVE-2017-18201
CVE-2017-7508
CVE-2017-7520
CVE-2017-7521
CVE-2018-10844
CVE-2018-10845
CVE-2018-10846
CVE-2018-12389
CVE-2018-12390
CVE-2018-12392
CVE-2018-12393
CVE-2018-12395
CVE-2018-12396
CVE-2018-12397
CVE-2018-1283
CVE-2018-1301
CVE-2018-1303
CVE-2018-1312
CVE-2018-14680
CVE-2018-14681
CVE-2018-14682
CVE-2018-15378
CVE-2019-11771
CVE-2019-11775
CVE-2019-12068
CVE-2019-14378
CVE-2019-14835
CVE-2019-14896
CVE-2019-14897
CVE-2019-15890
CVE-2019-17340
CVE-2019-17341
CVE-2019-17342
CVE-2019-17343
CVE-2019-17344
CVE-2019-17346
CVE-2019-17347
CVE-2019-17348
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2816
CVE-2019-3689
CVE-2019-4473
CVE-2019-7317
SUSE-SU-2015:2183-2
SUSE-SU-2016:0884-1
SUSE-SU-2016:2565-1
SUSE-SU-2017:1635-1
SUSE-SU-2017:2466-1
SUSE-SU-2018:0673-1
SUSE-SU-2018:0879-1
SUSE-SU-2018:2825-1
SUSE-SU-2018:3436-1
SUSE-SU-2018:3749-1
SUSE-SU-2019:2336-1
SUSE-SU-2019:2781-1
SUSE-SU-2019:2783-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gstreamer-1.12.5-lp150.1 is installed
  • OR gstreamer-lang-1.12.5-lp150.1 is installed
  • OR gstreamer-utils-1.12.5-lp150.1 is installed
  • OR libgstreamer-1_0-0-1.12.5-lp150.1 is installed
  • OR typelib-1_0-Gst-1_0-1.12.5-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • GraphicsMagick-1.3.29-lp151.4.3 is installed
  • OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed
  • OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-63.0.3368.66-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • strongswan-5.1.3-22 is installed
  • OR strongswan-doc-5.1.3-22 is installed
  • OR strongswan-hmac-5.1.3-22 is installed
  • OR strongswan-ipsec-5.1.3-22 is installed
  • OR strongswan-libs0-5.1.3-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • xen-4.5.5_16-22.28 is installed
  • OR xen-doc-html-4.5.5_16-22.28 is installed
  • OR xen-kmp-default-4.5.5_16_k3.12.74_60.64.57-22.28 is installed
  • OR xen-libs-4.5.5_16-22.28 is installed
  • OR xen-libs-32bit-4.5.5_16-22.28 is installed
  • OR xen-tools-4.5.5_16-22.28 is installed
  • OR xen-tools-domU-4.5.5_16-22.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libdcerpc-atsvc0-4.2.4-26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • krb5-1.12.5-40.31 is installed
  • OR krb5-32bit-1.12.5-40.31 is installed
  • OR krb5-client-1.12.5-40.31 is installed
  • OR krb5-doc-1.12.5-40.31 is installed
  • OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed
  • OR krb5-server-1.12.5-40.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • fuse-2.9.3-5 is installed
  • OR libfuse2-2.9.3-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND squid-3.5.21-26.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • dbus-1-1.8.22-29.10 is installed
  • OR dbus-1-x11-1.8.22-29.10 is installed
  • OR libdbus-1-3-1.8.22-29.10 is installed
  • OR libdbus-1-3-32bit-1.8.22-29.10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openvpn-2.3.8-16.17 is installed
  • OR openvpn-auth-pam-plugin-2.3.8-16.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • gnutls-3.2.15-18.6 is installed
  • OR libgnutls-openssl27-3.2.15-18.6 is installed
  • OR libgnutls28-3.2.15-18.6 is installed
  • OR libgnutls28-32bit-3.2.15-18.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-haml-4.0.6-3.3 is installed
  • OR rubygem-haml-4.0.6-3.3 is installed
    • BACK