Oval Definition:oval:org.opensuse.security:def:57243
Revision Date:2020-12-01Version:1
Title:Security update for libproxy
Description:



This update for libproxy fixes a heap-based buffer overflow that could have allowed remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request (CVE-2012-4505).

Additionally, it fixes parsing of the $no_proxy environment variable when it contains more than one URL separated by white-spaces.

Security Issue reference:

* CVE-2012-4505

Family:unixClass:patch
Status:Reference(s):1027565
1028372
1030573
1085967
1086730
1096723
1097108
1099306
1102682
1103203
1105323
1106191
1112039
1113969
1118987
1119947
1122319
1128481
1136570
1162197
1162200
761626
784523
880984
919959
926159
928390
936923
947780
961305
CVE-2012-2737
CVE-2012-4505
CVE-2014-8139
CVE-2014-8140
CVE-2014-8141
CVE-2014-9636
CVE-2015-8605
CVE-2017-18344
CVE-2017-2636
CVE-2017-7184
CVE-2018-1000026
CVE-2018-1000140
CVE-2018-10853
CVE-2018-10853
CVE-2018-10902
CVE-2018-10938
CVE-2018-11805
CVE-2018-16468
CVE-2018-16884
CVE-2018-18386
CVE-2018-3646
CVE-2018-3646
CVE-2018-5390
CVE-2018-8048
CVE-2019-3860
CVE-2019-6116
CVE-2020-1930
CVE-2020-1931
SUSE-SU-2016:0481-1
SUSE-SU-2017:0864-1
SUSE-SU-2018:0828-1
SUSE-SU-2018:2368-1
SUSE-SU-2018:2860-1
SUSE-SU-2019:0144-1
SUSE-SU-2019:0394-1
SUSE-SU-2019:1606-1
SUSE-SU-2020:0810-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • curl-7.59.0-lp150.1 is installed
  • OR libcurl4-7.59.0-lp150.1 is installed
  • OR libcurl4-32bit-7.59.0-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-74.0.3729.157-lp151.2.3 is installed
  • OR chromium-74.0.3729.157-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libproxy0-0.3.1-2.6 is installed
  • OR libproxy0-32bit-0.3.1-2.6 is installed
  • OR libproxy0-config-gnome-0.3.1-2.6 is installed
  • OR libproxy0-config-gnome-32bit-0.3.1-2.6 is installed
  • OR libproxy0-config-kde4-0.3.1-2.6 is installed
  • OR libproxy0-networkmanager-0.3.1-2.6 is installed
  • OR libproxy0-networkmanager-32bit-0.3.1-2.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • dhcp-4.2.4.P2-0.24 is installed
  • OR dhcp-client-4.2.4.P2-0.24 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_85-default-6-2 is installed
  • OR kgraft-patch-3_12_74-60_64_85-xen-6-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_26-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.92 is installed
  • OR kernel-default-base-4.4.121-92.92 is installed
  • OR kernel-default-devel-4.4.121-92.92 is installed
  • OR kernel-devel-4.4.121-92.92 is installed
  • OR kernel-macros-4.4.121-92.92 is installed
  • OR kernel-source-4.4.121-92.92 is installed
  • OR kernel-syms-4.4.121-92.92 is installed
  • OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed
  • OR lttng-modules-2.7.1-9.4 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • krb5-appl-clients-1.0.3-1 is installed
  • OR krb5-appl-servers-1.0.3-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libecpg6-10.12-1.18 is installed
  • OR libpq5-10.12-1.18 is installed
  • OR libpq5-32bit-10.12-1.18 is installed
  • OR postgresql10-10.12-1.18 is installed
  • OR postgresql10-contrib-10.12-1.18 is installed
  • OR postgresql10-docs-10.12-1.18 is installed
  • OR postgresql10-libs-10.12-1.18 is installed
  • OR postgresql10-plperl-10.12-1.18 is installed
  • OR postgresql10-plpython-10.12-1.18 is installed
  • OR postgresql10-pltcl-10.12-1.18 is installed
  • OR postgresql10-server-10.12-1.18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.251-43.35 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.251-43.35 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.251-43.35 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.251-43.35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ovmf-2017+git1492060560.b6d11d7c46-4.17 is installed
  • OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.17 is installed
  • OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libseccomp-2.4.1-11.3 is installed
  • OR libseccomp2-2.4.1-11.3 is installed
  • OR libseccomp2-32bit-2.4.1-11.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ghostscript-9.26a-23.19 is installed
  • OR ghostscript-x11-9.26a-23.19 is installed
  • OR libspectre-0.2.7-12.6 is installed
  • OR libspectre1-0.2.7-12.6 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • icu-52.1-8.10 is installed
  • OR libicu-doc-52.1-8.10 is installed
  • OR libicu52_1-52.1-8.10 is installed
  • OR libicu52_1-32bit-52.1-8.10 is installed
  • OR libicu52_1-data-52.1-8.10 is installed
  • BACK