OVAL Reference oval:org.opensuse.security:def:56647

Oval Definition:

oval:org.opensuse.security:def:56647

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python, python-base (Moderate)
Description:	This update for python, python-base fixes the following issues: Security issues fixed: - CVE-2018-1000802: Prevent command injection in shutil module (make_archive function) via passage of unfiltered user input (bsc#1109663). - CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (bsc#1088004). - CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop() method in pop3lib (bsc#1088009). Bug fixes: - bsc#1086001: python tarfile uses random order.
Family:	unix	Class:	patch
Status:		Reference(s):	1004237 1042419 1046779 1058565 1058622 1058624 1076537 1082299 1082318 1083125 1083242 1083275 1084521 1084524 1084532 1084536 1085279 1085331 1086001 1086162 1086194 1087088 1087260 1088004 1088009 1088147 1088260 1088261 1089608 1089752 1090643 1092885 1096223 1098735 1109663 1112039 1118597 1119376 1128828 1129071 1130246 1132663 1142614 1153332 1154862 1161167 947165 954018 954405 956408 956409 956411 956592 956832 971942 CVE-2009-0946 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 CVE-2011-0226 CVE-2011-3256 CVE-2011-3439 CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2014-2240 CVE-2014-2241 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-3259 CVE-2015-4106 CVE-2015-5154 CVE-2015-5239 CVE-2015-5307 CVE-2015-6815 CVE-2015-7311 CVE-2015-7504 CVE-2015-7835 CVE-2015-8104 CVE-2015-8339 CVE-2015-8340 CVE-2015-8341 CVE-2015-8345 CVE-2016-3119 CVE-2016-8602 CVE-2017-0861 CVE-2017-11089 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-13220 CVE-2017-18203 CVE-2017-7506 CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-1000802 CVE-2018-10087 CVE-2018-10124 CVE-2018-1060 CVE-2018-1061 CVE-2018-1087 CVE-2018-11806 CVE-2018-12617 CVE-2018-16301 CVE-2018-18386 CVE-2018-19870 CVE-2018-19872 CVE-2018-20060 CVE-2018-3639 CVE-2018-7757 CVE-2018-8781 CVE-2018-8822 CVE-2018-8897 CVE-2019-11236 CVE-2019-15165 CVE-2019-17498 CVE-2019-9740 CVE-2019-9893 CVE-2020-0569 SUSE-SU-2015:2324-1 SUSE-SU-2016:0994-1 SUSE-SU-2016:2654-1 SUSE-SU-2017:1832-1 SUSE-SU-2017:2726-1 SUSE-SU-2018:0769-1 SUSE-SU-2018:1220-1 SUSE-SU-2018:2973-1 SUSE-SU-2018:3554-1 SUSE-SU-2019:2399-1 SUSE-SU-2019:2669-1 SUSE-SU-2019:2936-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:0319-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND hardlink-1.0+git.e66999f-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bind-9.11.2-lp151.11.3 is installed OR bind-chrootenv-9.11.2-lp151.11.3 is installed OR bind-devel-9.11.2-lp151.11.3 is installed OR bind-devel-32bit-9.11.2-lp151.11.3 is installed OR bind-doc-9.11.2-lp151.11.3 is installed OR bind-lwresd-9.11.2-lp151.11.3 is installed OR bind-utils-9.11.2-lp151.11.3 is installed OR libbind9-160-9.11.2-lp151.11.3 is installed OR libbind9-160-32bit-9.11.2-lp151.11.3 is installed OR libdns169-9.11.2-lp151.11.3 is installed OR libdns169-32bit-9.11.2-lp151.11.3 is installed OR libirs-devel-9.11.2-lp151.11.3 is installed OR libirs160-9.11.2-lp151.11.3 is installed OR libirs160-32bit-9.11.2-lp151.11.3 is installed OR libisc166-9.11.2-lp151.11.3 is installed OR libisc166-32bit-9.11.2-lp151.11.3 is installed OR libisccc160-9.11.2-lp151.11.3 is installed OR libisccc160-32bit-9.11.2-lp151.11.3 is installed OR libisccfg160-9.11.2-lp151.11.3 is installed OR libisccfg160-32bit-9.11.2-lp151.11.3 is installed OR liblwres160-9.11.2-lp151.11.3 is installed OR liblwres160-32bit-9.11.2-lp151.11.3 is installed OR python3-bind-9.11.2-lp151.11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libpython2_7-1_0-2.7.13-28.16 is installed OR libpython2_7-1_0-32bit-2.7.13-28.16 is installed OR python-2.7.13-28.16 is installed OR python-base-2.7.13-28.16 is installed OR python-curses-2.7.13-28.16 is installed OR python-devel-2.7.13-28.16 is installed OR python-tk-2.7.13-28.16 is installed OR python-xml-2.7.13-28.16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information xen-4.5.2_02-4 is installed OR xen-doc-html-4.5.2_02-4 is installed OR xen-kmp-default-4.5.2_02_k3.12.49_11-4 is installed OR xen-libs-4.5.2_02-4 is installed OR xen-libs-32bit-4.5.2_02-4 is installed OR xen-tools-4.5.2_02-4 is installed OR xen-tools-domU-4.5.2_02-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libdcerpc-binding0-4.2.4-28.19 is installed OR libdcerpc-binding0-32bit-4.2.4-28.19 is installed OR libdcerpc0-4.2.4-28.19 is installed OR libdcerpc0-32bit-4.2.4-28.19 is installed OR libgensec0-4.2.4-28.19 is installed OR libgensec0-32bit-4.2.4-28.19 is installed OR libndr-krb5pac0-4.2.4-28.19 is installed OR libndr-krb5pac0-32bit-4.2.4-28.19 is installed OR libndr-nbt0-4.2.4-28.19 is installed OR libndr-nbt0-32bit-4.2.4-28.19 is installed OR libndr-standard0-4.2.4-28.19 is installed OR libndr-standard0-32bit-4.2.4-28.19 is installed OR libndr0-4.2.4-28.19 is installed OR libndr0-32bit-4.2.4-28.19 is installed OR libnetapi0-4.2.4-28.19 is installed OR libnetapi0-32bit-4.2.4-28.19 is installed OR libregistry0-4.2.4-28.19 is installed OR libsamba-credentials0-4.2.4-28.19 is installed OR libsamba-credentials0-32bit-4.2.4-28.19 is installed OR libsamba-hostconfig0-4.2.4-28.19 is installed OR libsamba-hostconfig0-32bit-4.2.4-28.19 is installed OR libsamba-passdb0-4.2.4-28.19 is installed OR libsamba-passdb0-32bit-4.2.4-28.19 is installed OR libsamba-util0-4.2.4-28.19 is installed OR libsamba-util0-32bit-4.2.4-28.19 is installed OR libsamdb0-4.2.4-28.19 is installed OR libsamdb0-32bit-4.2.4-28.19 is installed OR libsmbclient-raw0-4.2.4-28.19 is installed OR libsmbclient-raw0-32bit-4.2.4-28.19 is installed OR libsmbclient0-4.2.4-28.19 is installed OR libsmbclient0-32bit-4.2.4-28.19 is installed OR libsmbconf0-4.2.4-28.19 is installed OR libsmbconf0-32bit-4.2.4-28.19 is installed OR libsmbldap0-4.2.4-28.19 is installed OR libsmbldap0-32bit-4.2.4-28.19 is installed OR libtevent-util0-4.2.4-28.19 is installed OR libtevent-util0-32bit-4.2.4-28.19 is installed OR libwbclient0-4.2.4-28.19 is installed OR libwbclient0-32bit-4.2.4-28.19 is installed OR samba-4.2.4-28.19 is installed OR samba-32bit-4.2.4-28.19 is installed OR samba-client-4.2.4-28.19 is installed OR samba-client-32bit-4.2.4-28.19 is installed OR samba-doc-4.2.4-28.19 is installed OR samba-libs-4.2.4-28.19 is installed OR samba-libs-32bit-4.2.4-28.19 is installed OR samba-winbind-4.2.4-28.19 is installed OR samba-winbind-32bit-4.2.4-28.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libfreetype6-2.6.3-7.8 is installed OR libfreetype6-32bit-2.6.3-7.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-27.32 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND git-core-2.12.3-26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_57-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dracut-044.1-9 is installed OR dracut-fips-044.1-9 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information libspice-server1-0.12.5-10 is installed OR spice-0.12.5-10 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information qemu-2.6.2-41.43 is installed OR qemu-block-curl-2.6.2-41.43 is installed OR qemu-block-rbd-2.6.2-41.43 is installed OR qemu-block-ssh-2.6.2-41.43 is installed OR qemu-guest-agent-2.6.2-41.43 is installed OR qemu-ipxe-1.0.0-41.43 is installed OR qemu-kvm-2.6.2-41.43 is installed OR qemu-lang-2.6.2-41.43 is installed OR qemu-s390-2.6.2-41.43 is installed OR qemu-seabios-1.9.1-41.43 is installed OR qemu-sgabios-8-41.43 is installed OR qemu-tools-2.6.2-41.43 is installed OR qemu-vgabios-1.9.1-41.43 is installed OR qemu-x86-2.6.2-41.43 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.20-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND ucode-intel-20191112a-13.56 is installed

BACK