Oval Definition:	oval:org.opensuse.security:def:56943
Revision Date: 2020-12-01 Version: 1 Title: Security update for hostinfo, supportutils (Important) Description: This update for hostinfo, supportutils fixes the following issues: Security issues fixed for supportutils: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes (bsc#1118463). - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files (bsc#1118460). - CVE-2018-19639: Fixed a code execution if run with -v (bsc#1118462). - CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files (bsc#1117776). - CVE-2018-19636: Fixed a local root exploit via inclusion of attacker controlled shell script (bsc#1117751). Other issues fixed for supportutils: - Fixed invalid exit code commands (bsc#1125666) - SUSE separation in supportconfig (bsc#1125623) - Clarified supportconfig(8) -x option (bsc#1115245) - supportconfig: 3.0.127 - btrfs filesystem usage - List products.d - Dump lsof errors - Added ha commands for corosync - Dumped find errors in ib_info Issues fixed in hostinfo: - Removed extra kernel install dates (bsc#1099498) - Resolved network bond issue (bsc#1054979) Family: unix Class: patch Status: Reference(s): 1025506 1027038 1034173 1038078 1038337 1043398 1043652 1048914 1051222 1052311 1052365 1052368 1054979 1059777 1061076 1061077 1061080 1061081 1061082 1061084 1061086 1061087 1090338 1096740 1099498 1109893 1110542 1111319 1112911 1113296 1115245 1116574 1117751 1117776 1118460 1118462 1118463 1120629 1120630 1120631 1125623 1125666 1127155 1131291 1131823 1134226 1137977 1164692 1174157 1175259 958501 976942 976943 977614 977615 977616 977617 977621 CVE-2010-1674 CVE-2010-1675 CVE-2016-1856 CVE-2016-1857 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2183 CVE-2016-2342 CVE-2016-4049 CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4624 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-1000112 CVE-2017-11185 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-5526 CVE-2017-7507 CVE-2017-7869 CVE-2018-13785 CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639 CVE-2018-19640 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-3665 CVE-2019-17639 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-1938 SUSE-SU-2016:1233-1 SUSE-SU-2017:0839-1 SUSE-SU-2017:1838-1 SUSE-SU-2017:2131-1 SUSE-SU-2017:2143-1 SUSE-SU-2017:2439-1 SUSE-SU-2017:2873-1 SUSE-SU-2018:2097-1 SUSE-SU-2018:4064-1 SUSE-SU-2019:1122-1 SUSE-SU-2019:1136-1 SUSE-SU-2019:1972-1 SUSE-SU-2020:0806-1 SUSE-SU-2020:2482-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libdmx1-1.1.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND osc-0.165.4-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND supportutils-3.0-95.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libopenssl1_0_0-1.0.1i-47 is installed OR libopenssl1_0_0-32bit-1.0.1i-47 is installed OR libopenssl1_0_0-hmac-1.0.1i-47 is installed OR libopenssl1_0_0-hmac-32bit-1.0.1i-47 is installed OR openssl-1.0.1i-47 is installed OR openssl-doc-1.0.1i-47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.12.5-1 is installed OR libwebkit2gtk-4_0-37-2.12.5-1 is installed OR typelib-1_0-JavaScriptCore-4_0-2.12.5-1 is installed OR typelib-1_0-WebKit2-4_0-2.12.5-1 is installed OR webkit2gtk-4_0-injected-bundles-2.12.5-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_17-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_7-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information crash-7.1.8-3 is installed OR crash-kmp-default-7.1.8_k4.4.73_5-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libdcerpc-binding0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libdcerpc-binding0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libdcerpc0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libdcerpc0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-krb5pac0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-krb5pac0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-nbt0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-nbt0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-standard0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-standard0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libnetapi0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libnetapi0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-credentials0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-credentials0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-errors0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-errors0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-hostconfig0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-passdb0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-passdb0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-util0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-util0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamdb0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamdb0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbclient0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbclient0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbconf0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbconf0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbldap0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbldap0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libtevent-util0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libtevent-util0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libwbclient0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libwbclient0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-client-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-client-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-doc-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-libs-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-libs-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-winbind-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-winbind-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND stunnel-5.00-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.52 is installed OR libopenssl1_0_0-1.0.2j-60.52 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.52 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.52 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.52 is installed OR openssl-1.0.2j-60.52 is installed OR openssl-doc-1.0.2j-60.52 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
BACK