Oval Definition:oval:org.opensuse.security:def:56699
Revision Date:2020-12-01Version:1
Title:Security update for zziplib (Moderate)
Description:



This update for zziplib fixes the following issues:

Version update to 0.13.67 contains lots of bug- and security fixes.

- If an extension block is too small to hold an extension, do not use the information therein. - CVE-2018-6540: If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. (bsc#1079096) - CVE-2018-6484: Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. (bsc#1078701) - CVE-2018-6381: If a file is uncompressed, compressed and uncompressed sizes should be identical. (bsc#1078497)

Family:unixClass:patch
Status:Reference(s):1001203
1009085
1014437
1014441
1014442
1024532
1024536
1034539
1040311
1040312
1040313
1046856
1047044
1047898
1050120
1050577
1050578
1050579
1050581
1050606
1051446
1052468
1052550
1052710
1052720
1052731
1052732
1053153
1055065
1055323
1055434
1055855
1055960
1058640
1059751
1069708
1074123
1074969
1074973
1074975
1076017
1078497
1078701
1079096
1083488
1085114
1085447
1111151
1115099
1116437
1122293
1122299
1123054
1125330
1127987
1129821
1130262
1131233
1131237
1131239
1131241
1131245
1132549
1132664
949520
960674
975299
986675
991564
994500
997833
998309
CVE-2009-4029
CVE-2012-0037
CVE-2015-8710
CVE-2016-2123
CVE-2016-2125
CVE-2016-2126
CVE-2016-6662
CVE-2017-1000083
CVE-2017-10661
CVE-2017-10800
CVE-2017-11141
CVE-2017-11529
CVE-2017-11624
CVE-2017-11625
CVE-2017-11626
CVE-2017-11627
CVE-2017-11644
CVE-2017-11724
CVE-2017-12434
CVE-2017-12564
CVE-2017-12595
CVE-2017-12667
CVE-2017-12670
CVE-2017-12672
CVE-2017-12675
CVE-2017-13060
CVE-2017-13146
CVE-2017-13166
CVE-2017-13648
CVE-2017-13658
CVE-2017-14326
CVE-2017-14533
CVE-2017-16939
CVE-2017-17881
CVE-2017-18022
CVE-2017-9208
CVE-2017-9209
CVE-2017-9210
CVE-2018-1000004
CVE-2018-1000805
CVE-2018-1068
CVE-2018-11212
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2018-5246
CVE-2018-5247
CVE-2018-6381
CVE-2018-6484
CVE-2018-6540
CVE-2018-7566
CVE-2019-0196
CVE-2019-0197
CVE-2019-0211
CVE-2019-0217
CVE-2019-0220
CVE-2019-11234
CVE-2019-11235
CVE-2019-2422
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
SUSE-SU-2016:0178-1
SUSE-SU-2016:2404-1
SUSE-SU-2016:3272-1
SUSE-SU-2017:1894-1
SUSE-SU-2017:3321-1
SUSE-SU-2018:0130-1
SUSE-SU-2018:0548-1
SUSE-SU-2018:0988-1
SUSE-SU-2019:0481-1
SUSE-SU-2019:0604-1
SUSE-SU-2019:0852-1
SUSE-SU-2019:0878-1
SUSE-SU-2019:1039-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • NetworkManager-1.10.6-lp150.3 is installed
  • OR NetworkManager-lang-1.10.6-lp150.3 is installed
  • OR libnm-glib-vpn1-1.10.6-lp150.3 is installed
  • OR libnm-glib4-1.10.6-lp150.3 is installed
  • OR libnm-util2-1.10.6-lp150.3 is installed
  • OR libnm0-1.10.6-lp150.3 is installed
  • OR typelib-1_0-NM-1_0-1.10.6-lp150.3 is installed
  • OR typelib-1_0-NMClient-1_0-1.10.6-lp150.3 is installed
  • OR typelib-1_0-NetworkManager-1_0-1.10.6-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND teeworlds-0.7.3.1-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libzzip-0-13-0.13.67-10.5 is installed
  • OR zziplib-0.13.67-10.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libxml2-2.9.1-17 is installed
  • OR libxml2-2-2.9.1-17 is installed
  • OR libxml2-2-32bit-2.9.1-17 is installed
  • OR libxml2-doc-2.9.1-17 is installed
  • OR libxml2-tools-2.9.1-17 is installed
  • OR python-libxml2-2.9.1-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • evince-3.10.3-2.3 is installed
  • OR evince-lang-3.10.3-2.3 is installed
  • OR libevdocument3-4-3.10.3-2.3 is installed
  • OR libevview3-3-3.10.3-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • automake-1.13.4-6 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND clamav-0.100.1-33.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • glibc-2.22-62.13 is installed
  • OR glibc-32bit-2.22-62.13 is installed
  • OR glibc-devel-2.22-62.13 is installed
  • OR glibc-devel-32bit-2.22-62.13 is installed
  • OR glibc-html-2.22-62.13 is installed
  • OR glibc-i18ndata-2.22-62.13 is installed
  • OR glibc-info-2.22-62.13 is installed
  • OR glibc-locale-2.22-62.13 is installed
  • OR glibc-locale-32bit-2.22-62.13 is installed
  • OR glibc-profile-2.22-62.13 is installed
  • OR glibc-profile-32bit-2.22-62.13 is installed
  • OR nscd-2.22-62.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • cups-filters-1.0.58-15.2 is installed
  • OR cups-filters-cups-browsed-1.0.58-15.2 is installed
  • OR cups-filters-foomatic-rip-1.0.58-15.2 is installed
  • OR cups-filters-ghostscript-1.0.58-15.2 is installed
  • OR libqpdf18-7.1.1-3.3 is installed
  • OR qpdf-7.1.1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • freeradius-server-3.0.3-17.12 is installed
  • OR freeradius-server-doc-3.0.3-17.12 is installed
  • OR freeradius-server-krb5-3.0.3-17.12 is installed
  • OR freeradius-server-ldap-3.0.3-17.12 is installed
  • OR freeradius-server-libs-3.0.3-17.12 is installed
  • OR freeradius-server-mysql-3.0.3-17.12 is installed
  • OR freeradius-server-perl-3.0.3-17.12 is installed
  • OR freeradius-server-postgresql-3.0.3-17.12 is installed
  • OR freeradius-server-python-3.0.3-17.12 is installed
  • OR freeradius-server-sqlite-3.0.3-17.12 is installed
  • OR freeradius-server-utils-3.0.3-17.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.29-3.22 is installed
  • OR mariadb-galera-10.2.29-3.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • openstack-manila-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-api-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-data-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed
  • OR openstack-manila-share-7.3.1~dev15-4.18 is installed
  • OR python-manila-7.3.1~dev15-4.18 is installed
    • BACK