OVAL Reference oval:org.opensuse.security:def:56857

Oval Definition:

oval:org.opensuse.security:def:56857

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python-numpy (Important)
Description:	This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content (bsc#1122208). With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing numpy.load(). A warning during runtime will show-up when the allow_pickle is not explicitly set. NOTE: By applying this update the behavior of python-numpy changes, which might break your application. In order to get the old behaviour back, you have to explicitly set `allow_pickle` to True. Be aware that this should only be done for trusted input, as loading untrusted input might lead to arbitrary code execution.
Family:	unix	Class:	patch
Status:		Reference(s):	1000998 1003952 1005070 1005072 1005076 1010700 1012382 1026978 1026979 1026980 1026981 1026982 1026983 1026984 1026985 1026986 1026987 1026988 1027519 1045340 1064233 1068032 1072728 1076110 1080156 1083635 1086654 1087081 1087289 1087320 1089343 1094725 1095242 1096224 1097521 1097522 1097523 1098016 1098377 1099592 1099924 1100089 1100416 1100418 1101877 1103119 1104365 1110299 1116717 1117275 1117740 1119493 1122208 1123156 1164692 939523 949399 957531 960996 962743 984639 986566 989980 998677 CVE-2006-7250 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-5298 CVE-2011-0014 CVE-2011-2186 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2686 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-8275 CVE-2014-9390 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2304 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2015-4871 CVE-2015-7575 CVE-2015-7747 CVE-2015-8126 CVE-2015-8327 CVE-2015-8472 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2315 CVE-2016-2324 CVE-2016-4983 CVE-2016-5418 CVE-2016-5844 CVE-2016-6250 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-7545 CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 CVE-2017-1000364 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 CVE-2018-10852 CVE-2018-11806 CVE-2018-12891 CVE-2018-12892 CVE-2018-12893 CVE-2018-13053 CVE-2018-13405 CVE-2018-13406 CVE-2018-14734 CVE-2018-16872 CVE-2018-19364 CVE-2018-19489 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-3620 CVE-2018-3646 CVE-2018-3665 CVE-2019-6446 CVE-2019-6778 CVE-2020-1938 SUSE-SU-2016:0092-1 SUSE-SU-2016:0265-1 SUSE-SU-2016:2911-1 SUSE-SU-2016:2915-1 SUSE-SU-2017:0340-1 SUSE-SU-2017:0940-1 SUSE-SU-2017:1704-1 SUSE-SU-2018:2081-1 SUSE-SU-2018:2384-1 SUSE-SU-2018:4298-1 SUSE-SU-2019:0081-1 SUSE-SU-2019:0419-1 SUSE-SU-2019:0471-1 SUSE-SU-2020:0725-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information glib2-lang-2.54.3-lp150.2 is installed OR glib2-tools-2.54.3-lp150.2 is installed OR libgio-2_0-0-2.54.3-lp150.2 is installed OR libglib-2_0-0-2.54.3-lp150.2 is installed OR libglib-2_0-0-32bit-2.54.3-lp150.2 is installed OR libgmodule-2_0-0-2.54.3-lp150.2 is installed OR libgobject-2_0-0-2.54.3-lp150.2 is installed OR libgthread-2_0-0-2.54.3-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2p-lp151.5.3 is installed OR libopenssl-1_0_0-devel-32bit-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-32bit-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-hmac-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-cavs-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-doc-1.0.2p-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND python-numpy-1.8.0-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libwireshark9-2.4.11-48.35 is installed OR libwiretap7-2.4.11-48.35 is installed OR libwscodecs1-2.4.11-48.35 is installed OR libwsutil8-2.4.11-48.35 is installed OR wireshark-2.4.11-48.35 is installed OR wireshark-gtk-2.4.11-48.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_0-openjdk-1.7.0.95-24 is installed OR java-1_7_0-openjdk-demo-1.7.0.95-24 is installed OR java-1_7_0-openjdk-devel-1.7.0.95-24 is installed OR java-1_7_0-openjdk-headless-1.7.0.95-24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.48 is installed OR kernel-default-base-3.12.74-60.64.48 is installed OR kernel-default-devel-3.12.74-60.64.48 is installed OR kernel-default-man-3.12.74-60.64.48 is installed OR kernel-devel-3.12.74-60.64.48 is installed OR kernel-macros-3.12.74-60.64.48 is installed OR kernel-source-3.12.74-60.64.48 is installed OR kernel-syms-3.12.74-60.64.48 is installed OR kernel-xen-3.12.74-60.64.48 is installed OR kernel-xen-base-3.12.74-60.64.48 is installed OR kernel-xen-devel-3.12.74-60.64.48 is installed OR kgraft-patch-3_12_74-60_64_48-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_48-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_17-1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND git-core-1.8.5.6-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libexif-0.6.22-8.9 is installed OR libexif12-0.6.22-8.9 is installed OR libexif12-32bit-0.6.22-8.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND squid-3.5.21-26.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libvpx1-1.3.0-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.6 is installed

BACK