Oval Definition:	oval:org.opensuse.security:def:56657
Revision Date: 2020-12-01 Version: 1 Title: security update for spice-vdagent (Moderate) Description: This update for spice-vdagent provides the following fixes: This security issue was fixed: - CVE-2017-15108: Properly escape save directory that is passed to the shell to prevent local attacker with access to the session the agent runs from injecting arbitrary commands to be executed (bsc#1070724). This non-security issue was fixed: - Implement endian swapping, required for big-endian guests to connect to the spice client successfully. (bsc#1012215) Family: unix Class: patch Status: Reference(s): 1000998 1012215 1021578 1053431 1068664 1070724 1084850 1087200 1104199 1104202 1109465 1111634 1111635 1117473 1117665 1123482 1123959 1124525 1133810 1137586 1137865 1137944 1139073 1139751 1140868 1142857 1144504 1144903 1145477 1145665 1145922 1146042 1146163 1146285 1146361 1146378 1146391 1146413 1146425 1146512 1146514 1146516 1146519 1146524 1146526 1146529 1146540 1146543 1146547 1146584 1146612 1147122 1148938 1149323 1149376 1149458 1149522 1149527 1149555 1150025 1150112 1150452 1150457 1150465 1151347 1151350 1151839 1152782 1152788 1153119 1154328 1155671 1159208 1159623 947494 966891 972335 975947 978993 982331 983164 984990 985609 985665 985669 985673 985675 985679 985682 985685 985688 985689 985697 985698 985700 985703 985704 985706 985826 985832 985835 987176 988361 994399 999278 CVE-2012-0876 CVE-2014-9654 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-0718 CVE-2016-10906 CVE-2016-3627 CVE-2016-4300 CVE-2016-4301 CVE-2016-4302 CVE-2016-4472 CVE-2016-4809 CVE-2016-5011 CVE-2016-7545 CVE-2016-9063 CVE-2017-1000158 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10115 CVE-2017-10116 CVE-2017-10125 CVE-2017-10243 CVE-2017-15108 CVE-2017-18509 CVE-2017-18551 CVE-2017-18595 CVE-2017-9233 CVE-2018-1000807 CVE-2018-1000808 CVE-2018-10915 CVE-2018-10925 CVE-2018-12207 CVE-2018-20976 CVE-2018-7999 CVE-2019-10207 CVE-2019-10220 CVE-2019-11135 CVE-2019-11477 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11718 CVE-2019-11719 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11729 CVE-2019-11730 CVE-2019-11733 CVE-2019-11735 CVE-2019-11736 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11751 CVE-2019-11752 CVE-2019-11753 CVE-2019-12625 CVE-2019-12900 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-15098 CVE-2019-15118 CVE-2019-15212 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505 CVE-2019-15807 CVE-2019-15902 CVE-2019-15926 CVE-2019-15927 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-17055 CVE-2019-17056 CVE-2019-3693 CVE-2019-9456 CVE-2019-9506 CVE-2019-9811 CVE-2019-9812 SUSE-SU-2016:1204-1 SUSE-SU-2016:1909-1 SUSE-SU-2016:2764-1 SUSE-SU-2017:0340-1 SUSE-SU-2017:2280-1 SUSE-SU-2018:0372-1 SUSE-SU-2018:0858-1 SUSE-SU-2018:3377-1 SUSE-SU-2018:4063-1 SUSE-SU-2019:2620-1 SUSE-SU-2019:2950-1 SUSE-SU-2019:3066-1 SUSE-SU-2019:3076-1 SUSE-SU-2020:0497-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND kdebase4-workspace-libs-4.11.22-lp150.7 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information elfutils-0.168-lp151.4.3 is installed OR elfutils-lang-0.168-lp151.4.3 is installed OR libasm-devel-0.168-lp151.4.3 is installed OR libasm1-0.168-lp151.4.3 is installed OR libasm1-32bit-0.168-lp151.4.3 is installed OR libdw-devel-0.168-lp151.4.3 is installed OR libdw1-0.168-lp151.4.3 is installed OR libdw1-32bit-0.168-lp151.4.3 is installed OR libebl-devel-0.168-lp151.4.3 is installed OR libebl-plugins-0.168-lp151.4.3 is installed OR libebl-plugins-32bit-0.168-lp151.4.3 is installed OR libelf-devel-0.168-lp151.4.3 is installed OR libelf-devel-32bit-0.168-lp151.4.3 is installed OR libelf1-0.168-lp151.4.3 is installed OR libelf1-32bit-0.168-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND spice-vdagent-0.16.0-8.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libarchive-3.1.2-22 is installed OR libarchive13-3.1.2-22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information python-setuptools-18.0.1-4.8 is installed OR python3-setuptools-18.0.1-4.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libicu-doc-52.1-7 is installed OR libicu52_1-52.1-7 is installed OR libicu52_1-32bit-52.1-7 is installed OR libicu52_1-data-52.1-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND shadow-4.2.1-27.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_32-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information grub2-2.02-2 is installed OR grub2-arm64-efi-2.02-2 is installed OR grub2-i386-pc-2.02-2 is installed OR grub2-powerpc-ieee1275-2.02-2 is installed OR grub2-s390x-emu-2.02-2 is installed OR grub2-snapper-plugin-2.02-2 is installed OR grub2-systemd-sleep-plugin-2.02-2 is installed OR grub2-x86_64-efi-2.02-2 is installed OR grub2-x86_64-xen-2.02-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information wicked-0.6.60-38.27 is installed OR wicked-service-0.6.60-38.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information file-5.22-10.6 is installed OR file-magic-5.22-10.6 is installed OR libmagic1-5.22-10.6 is installed OR libmagic1-32bit-5.22-10.6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND python-setuptools-18.0.1-4.8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information postgresql96-9.6.10-3.22 is installed OR postgresql96-contrib-9.6.10-3.22 is installed OR postgresql96-docs-9.6.10-3.22 is installed OR postgresql96-libs-9.6.10-3.22 is installed OR postgresql96-server-9.6.10-3.22 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information xen-4.9.4_06-3.59 is installed OR xen-doc-html-4.9.4_06-3.59 is installed OR xen-libs-4.9.4_06-3.59 is installed OR xen-libs-32bit-4.9.4_06-3.59 is installed OR xen-tools-4.9.4_06-3.59 is installed OR xen-tools-domU-4.9.4_06-3.59 is installed
BACK