Oval Definition:oval:org.opensuse.security:def:56657
Revision Date:2020-12-01Version:1
Title:security update for spice-vdagent (Moderate)
Description:

This update for spice-vdagent provides the following fixes:

This security issue was fixed:

- CVE-2017-15108: Properly escape save directory that is passed to the shell to prevent local attacker with access to the session the agent runs from injecting arbitrary commands to be executed (bsc#1070724).

This non-security issue was fixed:

- Implement endian swapping, required for big-endian guests to connect to the spice client successfully. (bsc#1012215)
Family:unixClass:patch
Status:Reference(s):1000998
1012215
1021578
1053431
1068664
1070724
1084850
1087200
1104199
1104202
1109465
1111634
1111635
1117473
1117665
1123482
1123959
1124525
1133810
1137586
1137865
1137944
1139073
1139751
1140868
1142857
1144504
1144903
1145477
1145665
1145922
1146042
1146163
1146285
1146361
1146378
1146391
1146413
1146425
1146512
1146514
1146516
1146519
1146524
1146526
1146529
1146540
1146543
1146547
1146584
1146612
1147122
1148938
1149323
1149376
1149458
1149522
1149527
1149555
1150025
1150112
1150452
1150457
1150465
1151347
1151350
1151839
1152782
1152788
1153119
1154328
1155671
1159208
1159623
947494
966891
972335
975947
978993
982331
983164
984990
985609
985665
985669
985673
985675
985679
985682
985685
985688
985689
985697
985698
985700
985703
985704
985706
985826
985832
985835
987176
988361
994399
999278
CVE-2012-0876
CVE-2014-9654
CVE-2015-8918
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8928
CVE-2015-8929
CVE-2015-8930
CVE-2015-8931
CVE-2015-8932
CVE-2015-8933
CVE-2015-8934
CVE-2016-0718
CVE-2016-10906
CVE-2016-3627
CVE-2016-4300
CVE-2016-4301
CVE-2016-4302
CVE-2016-4472
CVE-2016-4809
CVE-2016-5011
CVE-2016-7545
CVE-2016-9063
CVE-2017-1000158
CVE-2017-10053
CVE-2017-10067
CVE-2017-10074
CVE-2017-10081
CVE-2017-10087
CVE-2017-10089
CVE-2017-10090
CVE-2017-10096
CVE-2017-10101
CVE-2017-10102
CVE-2017-10105
CVE-2017-10107
CVE-2017-10108
CVE-2017-10109
CVE-2017-10110
CVE-2017-10111
CVE-2017-10115
CVE-2017-10116
CVE-2017-10125
CVE-2017-10243
CVE-2017-15108
CVE-2017-18509
CVE-2017-18551
CVE-2017-18595
CVE-2017-9233
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-10915
CVE-2018-10925
CVE-2018-12207
CVE-2018-20976
CVE-2018-7999
CVE-2019-10207
CVE-2019-10220
CVE-2019-11135
CVE-2019-11477
CVE-2019-11709
CVE-2019-11710
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11714
CVE-2019-11715
CVE-2019-11716
CVE-2019-11717
CVE-2019-11718
CVE-2019-11719
CVE-2019-11720
CVE-2019-11721
CVE-2019-11723
CVE-2019-11724
CVE-2019-11725
CVE-2019-11727
CVE-2019-11728
CVE-2019-11729
CVE-2019-11730
CVE-2019-11733
CVE-2019-11735
CVE-2019-11736
CVE-2019-11738
CVE-2019-11740
CVE-2019-11742
CVE-2019-11743
CVE-2019-11744
CVE-2019-11746
CVE-2019-11747
CVE-2019-11748
CVE-2019-11749
CVE-2019-11750
CVE-2019-11751
CVE-2019-11752
CVE-2019-11753
CVE-2019-12625
CVE-2019-12900
CVE-2019-14814
CVE-2019-14815
CVE-2019-14816
CVE-2019-14821
CVE-2019-14835
CVE-2019-15098
CVE-2019-15118
CVE-2019-15212
CVE-2019-15215
CVE-2019-15216
CVE-2019-15217
CVE-2019-15218
CVE-2019-15219
CVE-2019-15220
CVE-2019-15221
CVE-2019-15290
CVE-2019-15291
CVE-2019-15505
CVE-2019-15807
CVE-2019-15902
CVE-2019-15926
CVE-2019-15927
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16413
CVE-2019-17055
CVE-2019-17056
CVE-2019-3693
CVE-2019-9456
CVE-2019-9506
CVE-2019-9811
CVE-2019-9812
SUSE-SU-2016:1204-1
SUSE-SU-2016:1909-1
SUSE-SU-2016:2764-1
SUSE-SU-2017:0340-1
SUSE-SU-2017:2280-1
SUSE-SU-2018:0372-1
SUSE-SU-2018:0858-1
SUSE-SU-2018:3377-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:2620-1
SUSE-SU-2019:2950-1
SUSE-SU-2019:3066-1
SUSE-SU-2019:3076-1
SUSE-SU-2020:0497-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND kdebase4-workspace-libs-4.11.22-lp150.7 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • elfutils-0.168-lp151.4.3 is installed
  • OR elfutils-lang-0.168-lp151.4.3 is installed
  • OR libasm-devel-0.168-lp151.4.3 is installed
  • OR libasm1-0.168-lp151.4.3 is installed
  • OR libasm1-32bit-0.168-lp151.4.3 is installed
  • OR libdw-devel-0.168-lp151.4.3 is installed
  • OR libdw1-0.168-lp151.4.3 is installed
  • OR libdw1-32bit-0.168-lp151.4.3 is installed
  • OR libebl-devel-0.168-lp151.4.3 is installed
  • OR libebl-plugins-0.168-lp151.4.3 is installed
  • OR libebl-plugins-32bit-0.168-lp151.4.3 is installed
  • OR libelf-devel-0.168-lp151.4.3 is installed
  • OR libelf-devel-32bit-0.168-lp151.4.3 is installed
  • OR libelf1-0.168-lp151.4.3 is installed
  • OR libelf1-32bit-0.168-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND spice-vdagent-0.16.0-8.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libarchive-3.1.2-22 is installed
  • OR libarchive13-3.1.2-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • python-setuptools-18.0.1-4.8 is installed
  • OR python3-setuptools-18.0.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libicu-doc-52.1-7 is installed
  • OR libicu52_1-52.1-7 is installed
  • OR libicu52_1-32bit-52.1-7 is installed
  • OR libicu52_1-data-52.1-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.6_06-43.51 is installed
  • OR xen-doc-html-4.7.6_06-43.51 is installed
  • OR xen-libs-4.7.6_06-43.51 is installed
  • OR xen-libs-32bit-4.7.6_06-43.51 is installed
  • OR xen-tools-4.7.6_06-43.51 is installed
  • OR xen-tools-domU-4.7.6_06-43.51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND shadow-4.2.1-27.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_32-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • grub2-2.02-2 is installed
  • OR grub2-arm64-efi-2.02-2 is installed
  • OR grub2-i386-pc-2.02-2 is installed
  • OR grub2-powerpc-ieee1275-2.02-2 is installed
  • OR grub2-s390x-emu-2.02-2 is installed
  • OR grub2-snapper-plugin-2.02-2 is installed
  • OR grub2-systemd-sleep-plugin-2.02-2 is installed
  • OR grub2-x86_64-efi-2.02-2 is installed
  • OR grub2-x86_64-xen-2.02-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • wicked-0.6.60-38.27 is installed
  • OR wicked-service-0.6.60-38.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • bzip2-1.0.6-30.5 is installed
  • OR bzip2-doc-1.0.6-30.5 is installed
  • OR libbz2-1-1.0.6-30.5 is installed
  • OR libbz2-1-32bit-1.0.6-30.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • file-5.22-10.6 is installed
  • OR file-magic-5.22-10.6 is installed
  • OR libmagic1-5.22-10.6 is installed
  • OR libmagic1-32bit-5.22-10.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND python-setuptools-18.0.1-4.8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • postgresql96-9.6.10-3.22 is installed
  • OR postgresql96-contrib-9.6.10-3.22 is installed
  • OR postgresql96-docs-9.6.10-3.22 is installed
  • OR postgresql96-libs-9.6.10-3.22 is installed
  • OR postgresql96-server-9.6.10-3.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Werkzeug-0.14.1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • xen-4.9.4_06-3.59 is installed
  • OR xen-doc-html-4.9.4_06-3.59 is installed
  • OR xen-libs-4.9.4_06-3.59 is installed
  • OR xen-libs-32bit-4.9.4_06-3.59 is installed
  • OR xen-tools-4.9.4_06-3.59 is installed
  • OR xen-tools-domU-4.9.4_06-3.59 is installed
    • BACK