Oval Definition:oval:org.opensuse.security:def:56870
Revision Date:2020-12-01Version:1
Title:Security update for libssh2_org (Moderate)
Description:

This update for libssh2_org fixes the following issues:

Security issues fixed:

- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). - CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). - CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). - CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). - CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). - CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). - CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). - CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474).

Other issue addressed:

- Libbssh2 will stop using keys unsupported types in the known_hosts file (bsc#1091236).
Family:unixClass:patch
Status:Reference(s):1001459
1005084
1005090
1005242
1005886
1006591
1006593
1006597
1006598
1006599
1006836
1006839
1007009
1008831
1009026
1010395
1010401
1010402
1010404
1010410
1010422
1010427
1010517
1011283
1011284
1011285
1011286
1011287
1011288
1011289
1011290
1011291
1011292
1011293
1011685
1012021
1012022
1012023
1012024
1012025
1012026
1012027
1012028
1012029
1012030
1012031
1012032
1012754
1012985
1014863
1018808
1023287
1027149
1028217
1030531
1030552
1030575
1031481
1031515
1031660
1033960
1034405
1035531
1035738
1037182
1037183
1037994
1038544
1038564
1038879
1038883
1038981
1038982
1039348
1039354
1039456
1039496
1039721
1039864
1039882
1039883
1039885
1040069
1041160
1041429
1041431
1042696
1042832
1042863
1044125
1045327
1045487
1045922
1046107
1048275
1048788
1049645
1049882
1053148
1053152
1053317
1056588
1056982
1057179
1058410
1058507
1058524
1059863
1062471
1062520
1063667
1064388
1071471
1073703
1081518
1083093
1091236
1093898
1096759
1098369
1103098
1103383
1112758
1124729
1124734
1128378
1128471
1128472
1128474
1128476
1128480
1128481
1128490
1128492
1128493
1131886
1133925
392410
856774
860250
863764
878240
887877
909695
922855
922871
926974
936032
941919
942553
959495
961886
963983
968373
968565
976944
986630
986924
992549
993099
994364
CVE-2008-3522
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2012-3386
CVE-2013-1752
CVE-2013-4238
CVE-2014-2667
CVE-2014-4650
CVE-2014-4975
CVE-2014-8158
CVE-2015-1855
CVE-2015-3900
CVE-2015-5203
CVE-2015-5221
CVE-2015-7551
CVE-2016-1577
CVE-2016-1867
CVE-2016-2089
CVE-2016-2116
CVE-2016-2339
CVE-2016-2523
CVE-2016-2530
CVE-2016-2531
CVE-2016-2532
CVE-2016-5285
CVE-2016-5290
CVE-2016-5291
CVE-2016-5296
CVE-2016-5297
CVE-2016-8611
CVE-2016-8632
CVE-2016-8655
CVE-2016-8690
CVE-2016-8691
CVE-2016-8692
CVE-2016-8693
CVE-2016-8880
CVE-2016-8881
CVE-2016-8882
CVE-2016-8883
CVE-2016-8884
CVE-2016-8885
CVE-2016-8886
CVE-2016-8887
CVE-2016-9064
CVE-2016-9066
CVE-2016-9074
CVE-2016-9434
CVE-2016-9435
CVE-2016-9436
CVE-2016-9437
CVE-2016-9438
CVE-2016-9439
CVE-2016-9440
CVE-2016-9441
CVE-2016-9442
CVE-2016-9443
CVE-2016-9555
CVE-2016-9621
CVE-2016-9622
CVE-2016-9623
CVE-2016-9624
CVE-2016-9625
CVE-2016-9626
CVE-2016-9627
CVE-2016-9628
CVE-2016-9629
CVE-2016-9630
CVE-2016-9631
CVE-2016-9632
CVE-2016-9633
CVE-2017-1000363
CVE-2017-1000364
CVE-2017-1000365
CVE-2017-1000380
CVE-2017-10661
CVE-2017-11176
CVE-2017-12153
CVE-2017-12154
CVE-2017-12762
CVE-2017-13080
CVE-2017-14051
CVE-2017-14106
CVE-2017-14140
CVE-2017-15265
CVE-2017-15274
CVE-2017-15649
CVE-2017-15868
CVE-2017-7482
CVE-2017-7487
CVE-2017-7518
CVE-2017-7541
CVE-2017-7542
CVE-2017-7889
CVE-2017-8831
CVE-2017-8890
CVE-2017-8924
CVE-2017-8925
CVE-2017-9074
CVE-2017-9075
CVE-2017-9076
CVE-2017-9077
CVE-2017-9242
CVE-2018-16839
CVE-2018-3760
CVE-2018-5391
CVE-2019-3855
CVE-2019-3856
CVE-2019-3857
CVE-2019-3858
CVE-2019-3859
CVE-2019-3860
CVE-2019-3861
CVE-2019-3862
CVE-2019-3863
CVE-2019-6974
CVE-2019-7221
CVE-2019-9213
SUSE-SU-2016:1344-1
SUSE-SU-2016:2775-1
SUSE-SU-2016:3014-1
SUSE-SU-2016:3049-1
SUSE-SU-2016:3053-1
SUSE-SU-2017:1067-1
SUSE-SU-2017:1941-1
SUSE-SU-2017:2908-1
SUSE-SU-2018:0267-1
SUSE-SU-2018:2603-1
SUSE-SU-2019:0655-1
SUSE-SU-2019:0996-1
SUSE-SU-2019:1141-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • grub2-2.02-lp150.12 is installed
  • OR grub2-i386-pc-2.02-lp150.12 is installed
  • OR grub2-snapper-plugin-2.02-lp150.12 is installed
  • OR grub2-systemd-sleep-plugin-2.02-lp150.12 is installed
  • OR grub2-x86_64-efi-2.02-lp150.12 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND system-user-root-20190513-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.3 is installed
  • OR libssh2-1-32bit-1.4.3-20.3 is installed
  • OR libssh2_org-1.4.3-20.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libopenssl1_1-1.1.1b-2.12 is installed
  • OR libopenssl1_1-32bit-1.1.1b-2.12 is installed
  • OR openssl-1_1-1.1.1b-2.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-45.5.0esr-88 is installed
  • OR MozillaFirefox-translations-45.5.0esr-88 is installed
  • OR libfreebl3-3.21.3-50 is installed
  • OR libfreebl3-32bit-3.21.3-50 is installed
  • OR libfreebl3-hmac-3.21.3-50 is installed
  • OR libfreebl3-hmac-32bit-3.21.3-50 is installed
  • OR libsoftokn3-3.21.3-50 is installed
  • OR libsoftokn3-32bit-3.21.3-50 is installed
  • OR libsoftokn3-hmac-3.21.3-50 is installed
  • OR libsoftokn3-hmac-32bit-3.21.3-50 is installed
  • OR mozilla-nss-3.21.3-50 is installed
  • OR mozilla-nss-32bit-3.21.3-50 is installed
  • OR mozilla-nss-certs-3.21.3-50 is installed
  • OR mozilla-nss-certs-32bit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.3-50 is installed
  • OR mozilla-nss-tools-3.21.3-50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_32-default-4-3 is installed
  • OR kgraft-patch-3_12_69-60_64_32-xen-4-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_13-4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gv-3.7.4-1 is installed
  • OR wdiff-1.2.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ghostscript-9.27-23.31 is installed
  • OR ghostscript-x11-9.27-23.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.65-38.53 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.242-27.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libzypp-16.19.0-2.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • crowbar-4.0+git.1528801103.f5708341-7.20 is installed
  • OR crowbar-core-4.0+git.1534246408.3ab19c567-9.33 is installed
  • OR crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33 is installed
  • OR crowbar-devel-4.0+git.1528801103.f5708341-7.20 is installed
  • OR crowbar-ha-4.0+git.1533750802.5768e73-4.34 is installed
  • OR crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39 is installed
  • OR crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Twisted-15.2.1-9.8 is installed
    • BACK