OVAL Reference oval:org.opensuse.security:def:56896

Oval Definition:

oval:org.opensuse.security:def:56896

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python, python-base (Moderate)
Description:	This update for python, python-base fixes the following issues: Security issues fixed: - CVE-2018-1000802: Prevent command injection in shutil module (make_archive function) via passage of unfiltered user input (bsc#1109663). - CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (bsc#1088004). - CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop() method in pop3lib (bsc#1088009). Bug fixes: - bsc#1086001: python tarfile uses random order.
Family:	unix	Class:	patch
Status:		Reference(s):	1002639 1007280 1007853 1007854 1007855 1007857 1007858 1008253 1010161 1010163 1010893 1011103 1011107 1011805 1011812 1013669 1020868 1020873 1020875 1020877 1020878 1020882 1020884 1020885 1020891 1020894 1020896 1022428 1038231 1040662 1044947 1045490 1051684 1051685 1053259 1086001 1088004 1088009 1103040 1104457 1106171 1106172 1106173 1106195 1107410 1107411 1107412 1107413 1107420 1107421 1107422 1107423 1107426 1107581 1108027 1109105 1109663 1110723 1125230 1143194 1143273 1159856 1159858 1159860 1160250 1160251 1160937 1170771 914890 974449 974840 984813 984815 987351 CVE-2012-2738 CVE-2012-6706 CVE-2013-1988 CVE-2014-8127 CVE-2016-0762 CVE-2016-3622 CVE-2016-3658 CVE-2016-5018 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5875 CVE-2016-6664 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-9273 CVE-2016-9297 CVE-2016-9448 CVE-2016-9453 CVE-2016-9811 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318 CVE-2017-7494 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2018-1000802 CVE-2018-1060 CVE-2018-1061 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682 CVE-2018-15378 CVE-2018-15587 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16510 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543 CVE-2018-16585 CVE-2018-16802 CVE-2018-17183 CVE-2019-13057 CVE-2019-13565 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2020-12243 SUSE-SU-2016:3081-1 SUSE-SU-2016:3301-1 SUSE-SU-2017:0211-1 SUSE-SU-2017:0412-1 SUSE-SU-2017:1392-1 SUSE-SU-2017:1635-1 SUSE-SU-2017:1716-1 SUSE-SU-2017:2355-1 SUSE-SU-2018:2975-1 SUSE-SU-2018:3436-1 SUSE-SU-2018:3554-2 SUSE-SU-2019:1391-1 SUSE-SU-2020:0159-1 SUSE-SU-2020:1210-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND klogd-1.4.1-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND ansible-2.8.1-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libpython2_7-1_0-2.7.13-28.16 is installed OR libpython2_7-1_0-32bit-2.7.13-28.16 is installed OR python-2.7.13-28.16 is installed OR python-base-2.7.13-28.16 is installed OR python-curses-2.7.13-28.16 is installed OR python-devel-2.7.13-28.16 is installed OR python-tk-2.7.13-28.16 is installed OR python-xml-2.7.13-28.16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libtiff5-4.0.7-35 is installed OR libtiff5-32bit-4.0.7-35 is installed OR tiff-4.0.7-35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND clamav-0.99.2-32 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXRes1-1.0.7-3 is installed OR libXRes1-32bit-1.0.7-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.5.0-109.106 is installed OR MozillaFirefox-translations-common-68.5.0-109.106 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information cups-1.7.5-20.29 is installed OR cups-client-1.7.5-20.29 is installed OR cups-libs-1.7.5-20.29 is installed OR cups-libs-32bit-1.7.5-20.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.6.0-109.110 is installed OR MozillaFirefox-translations-common-68.6.0-109.110 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtirpc-1.0.1-17.6 is installed OR libtirpc-netconfig-1.0.1-17.6 is installed OR libtirpc3-1.0.1-17.6 is installed OR libtirpc3-32bit-1.0.1-17.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information perl-5.18.2-12.17 is installed OR perl-32bit-5.18.2-12.17 is installed OR perl-base-5.18.2-12.17 is installed OR perl-doc-5.18.2-12.17 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed OR libwebkit2gtk3-lang-2.28.2-2.53 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed OR webkit2gtk3-2.28.2-2.53 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed

BACK