Oval Definition:oval:org.opensuse.security:def:57072
Revision Date:2021-08-24Version:1
Title:Security update for python-PyYAML (Important)
Description:



This update for python-PyYAML fixes the following issues:

- Update to 5.3.1.

- CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
Family:unixClass:patch
Status:Reference(s):1017646
1022263
1022264
1022265
1022283
1022284
1022553
1025506
1027038
1031247
1031249
1031250
1031254
1031255
1031262
1031263
1045340
1063671
1064392
1066471
1066472
1076390
1077559
1077568
1077572
1082810
1083125
1090368
1090646
1097108
1109961
1111498
1117025
1117382
1120658
1122000
1122344
1123333
1123892
1125352
1145092
1149955
1153238
1174514
929900
955131
CVE-2010-0624
CVE-2013-2002
CVE-2013-2005
CVE-2016-10087
CVE-2016-10166
CVE-2016-10167
CVE-2016-10168
CVE-2016-10266
CVE-2016-10267
CVE-2016-10268
CVE-2016-10269
CVE-2016-10270
CVE-2016-10271
CVE-2016-10272
CVE-2016-2183
CVE-2016-6906
CVE-2016-6912
CVE-2016-9317
CVE-2017-1000364
CVE-2017-13080
CVE-2017-15649
CVE-2018-10853
CVE-2018-11763
CVE-2018-2579
CVE-2018-2582
CVE-2018-2588
CVE-2018-2599
CVE-2018-2602
CVE-2018-2603
CVE-2018-2618
CVE-2018-2633
CVE-2018-2634
CVE-2018-2637
CVE-2018-2638
CVE-2018-2639
CVE-2018-2641
CVE-2018-2663
CVE-2018-2677
CVE-2018-2678
CVE-2018-6196
CVE-2018-6197
CVE-2018-6198
CVE-2018-8781
CVE-2018-8897
CVE-2019-10208
CVE-2019-16056
CVE-2019-16935
CVE-2019-6454
CVE-2020-14343
SUSE-SU-2017:0468-1
SUSE-SU-2017:0839-1
SUSE-SU-2017:0853-1
SUSE-SU-2017:1044-1
SUSE-SU-2017:1707-1
SUSE-SU-2017:3131-1
SUSE-SU-2018:0665-1
SUSE-SU-2018:1513-1
SUSE-SU-2018:2684-1
SUSE-SU-2018:3582-1
SUSE-SU-2019:0428-1
SUSE-SU-2019:0776-1
SUSE-SU-2019:2158-1
SUSE-SU-2019:2748-1
SUSE-SU-2021:2818-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND openvpn-2.4.3-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libxslt-1.1.32-lp151.3.3 is installed
  • OR libxslt-devel-1.1.32-lp151.3.3 is installed
  • OR libxslt-devel-32bit-1.1.32-lp151.3.3 is installed
  • OR libxslt-python-1.1.32-lp151.3.3 is installed
  • OR libxslt-tools-1.1.32-lp151.3.3 is installed
  • OR libxslt1-1.1.32-lp151.3.3 is installed
  • OR libxslt1-32bit-1.1.32-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.36 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.36 is installed
  • OR python-2.7.13-28.36 is installed
  • OR python-base-2.7.13-28.36 is installed
  • OR python-curses-2.7.13-28.36 is installed
  • OR python-devel-2.7.13-28.36 is installed
  • OR python-tk-2.7.13-28.36 is installed
  • OR python-xml-2.7.13-28.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libtiff5-4.0.7-43 is installed
  • OR libtiff5-32bit-4.0.7-43 is installed
  • OR tiff-4.0.7-43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_29-default-9-2 is installed
  • OR kgraft-patch-3_12_69-60_64_29-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_12-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXt6-1.1.4-3 is installed
  • OR libXt6-32bit-1.1.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libzypp-16.17.20-27.52 is installed
  • OR zypper-1.13.45-18.33 is installed
  • OR zypper-log-1.13.45-18.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • openssh-7.2p2-74.25 is installed
  • OR openssh-askpass-gnome-7.2p2-74.25 is installed
  • OR openssh-fips-7.2p2-74.25 is installed
  • OR openssh-helpers-7.2p2-74.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • elfutils-0.158-6 is installed
  • OR libasm1-0.158-6 is installed
  • OR libasm1-32bit-0.158-6 is installed
  • OR libdw1-0.158-6 is installed
  • OR libdw1-32bit-0.158-6 is installed
  • OR libebl1-0.158-6 is installed
  • OR libebl1-32bit-0.158-6 is installed
  • OR libelf1-0.158-6 is installed
  • OR libelf1-32bit-0.158-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • python-PyYAML-5.3.1-28.6.1 is installed
  • OR python3-PyYAML-5.3.1-28.6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.79 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.79 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.79 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libQt5Concurrent5-5.6.2-6.15 is installed
  • OR libQt5Core5-5.6.2-6.15 is installed
  • OR libQt5DBus5-5.6.2-6.15 is installed
  • OR libQt5Gui5-5.6.2-6.15 is installed
  • OR libQt5Network5-5.6.2-6.15 is installed
  • OR libQt5OpenGL5-5.6.2-6.15 is installed
  • OR libQt5PrintSupport5-5.6.2-6.15 is installed
  • OR libQt5Sql5-5.6.2-6.15 is installed
  • OR libQt5Sql5-mysql-5.6.2-6.15 is installed
  • OR libQt5Sql5-postgresql-5.6.2-6.15 is installed
  • OR libQt5Sql5-sqlite-5.6.2-6.15 is installed
  • OR libQt5Sql5-unixODBC-5.6.2-6.15 is installed
  • OR libQt5Test5-5.6.2-6.15 is installed
  • OR libQt5Widgets5-5.6.2-6.15 is installed
  • OR libQt5Xml5-5.6.2-6.15 is installed
  • OR libqt5-qtbase-5.6.2-6.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • apache2-2.4.23-29.27 is installed
  • OR apache2-doc-2.4.23-29.27 is installed
  • OR apache2-example-pages-2.4.23-29.27 is installed
  • OR apache2-prefork-2.4.23-29.27 is installed
  • OR apache2-utils-2.4.23-29.27 is installed
  • OR apache2-worker-2.4.23-29.27 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ansible-2.4.6.0-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • BACK