Oval Definition:oval:org.opensuse.security:def:57314
Revision Date:2020-12-01Version:1
Title:Security update for curl (Moderate)
Description:



This update for curl fixes the following issues:

- CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer (bsc#962983)

The following non-security bugs were fixed:

- bsc#926511: Check for errors on the control connection during FTP transfers

The following tracked bugs only affect the test suite:

- bsc#962996: Expired cookie in test 46 caused test failures
Family:unixClass:patch
Status:Reference(s):1012215
1040662
1045490
1070724
1083125
1084724
1085447
1086825
1087200
1090368
1090646
1090869
1091396
1092098
1095482
1099902
1100751
1102151
1104076
1105010
1109465
1111056
1116574
1117473
1123482
1124525
1133810
1137832
1140868
1145665
1149323
1155787
1161799
1169511
1172277
777565
814440
900610
904348
904965
920016
923002
926007
926511
926709
926774
930145
930788
932350
932805
933721
935053
935757
936118
938706
939826
939926
939955
940017
940925
941202
942204
942305
942367
942605
942688
942938
943786
944296
944831
944837
944989
944993
945691
945825
945827
946078
946309
947957
948330
948347
948521
949100
949298
949502
949706
949744
949981
951440
952084
952384
952579
953527
953980
954404
962983
962996
964336
CVE-2008-4989
CVE-2011-4128
CVE-2012-0390
CVE-2012-1569
CVE-2012-1573
CVE-2012-6706
CVE-2014-0092
CVE-2014-1959
CVE-2014-3466
CVE-2014-8564
CVE-2015-0272
CVE-2015-0294
CVE-2015-3622
CVE-2015-5157
CVE-2015-5307
CVE-2015-6251
CVE-2015-6252
CVE-2015-6937
CVE-2015-7872
CVE-2015-7990
CVE-2015-8104
CVE-2016-0755
CVE-2017-13166
CVE-2017-15108
CVE-2017-2518
CVE-2018-1000301
CVE-2018-1087
CVE-2018-12472
CVE-2018-13785
CVE-2018-14432
CVE-2018-15473
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3214
CVE-2018-8781
CVE-2018-8897
CVE-2019-11709
CVE-2019-11710
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11714
CVE-2019-11715
CVE-2019-11716
CVE-2019-11717
CVE-2019-11718
CVE-2019-11719
CVE-2019-11720
CVE-2019-11721
CVE-2019-11723
CVE-2019-11724
CVE-2019-11725
CVE-2019-11727
CVE-2019-11728
CVE-2019-11729
CVE-2019-11730
CVE-2019-11733
CVE-2019-11735
CVE-2019-11736
CVE-2019-11738
CVE-2019-11740
CVE-2019-11742
CVE-2019-11743
CVE-2019-11744
CVE-2019-11746
CVE-2019-11747
CVE-2019-11748
CVE-2019-11749
CVE-2019-11750
CVE-2019-11751
CVE-2019-11752
CVE-2019-11753
CVE-2019-12749
CVE-2019-9811
CVE-2019-9812
CVE-2020-2654
CVE-2020-2756
CVE-2020-2757
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
CVE-2020-6796
CVE-2020-6797
CVE-2020-6798
CVE-2020-6799
CVE-2020-6800
SUSE-SU-2015:2108-1
SUSE-SU-2016:0347-1
SUSE-SU-2017:1716-1
SUSE-SU-2018:0372-1
SUSE-SU-2018:1327-1
SUSE-SU-2018:1548-1
SUSE-SU-2018:2576-1
SUSE-SU-2018:3467-1
SUSE-SU-2018:3910-1
SUSE-SU-2018:3933-1
SUSE-SU-2019:1591-1
SUSE-SU-2019:2620-1
SUSE-SU-2019:3050-1
SUSE-SU-2020:0384-1
SUSE-SU-2020:1683-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bluez-5.48-lp150.3 is installed
  • OR libbluetooth3-5.48-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exim-4.88-lp151.4.6 is installed
  • OR eximon-4.88-lp151.4.6 is installed
  • OR eximstats-html-4.88-lp151.4.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • curl-7.19.7-1.46 is installed
  • OR libcurl4-7.19.7-1.46 is installed
  • OR libcurl4-32bit-7.19.7-1.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • res-signingkeys-3.0.38-52.26 is installed
  • OR smt-3.0.38-52.26 is installed
  • OR smt-support-3.0.38-52.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gnutls-3.2.15-11 is installed
  • OR libgnutls-openssl27-3.2.15-11 is installed
  • OR libgnutls28-3.2.15-11 is installed
  • OR libgnutls28-32bit-3.2.15-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.6_04-43.39 is installed
  • OR xen-doc-html-4.7.6_04-43.39 is installed
  • OR xen-libs-4.7.6_04-43.39 is installed
  • OR xen-libs-32bit-4.7.6_04-43.39 is installed
  • OR xen-tools-4.7.6_04-43.39 is installed
  • OR xen-tools-domU-4.7.6_04-43.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND ft2demos-2.6.3-7.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND permissions-2015.09.28.1626-17.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libpcap-1.8.1-10.3 is installed
  • OR libpcap1-1.8.1-10.3 is installed
  • OR tcpdump-4.9.2-14.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • file-5.22-10.12 is installed
  • OR file-magic-5.22-10.12 is installed
  • OR libmagic1-5.22-10.12 is installed
  • OR libmagic1-32bit-5.22-10.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-dashboard-10.0.6~dev4-4.15 is installed
  • OR openstack-heat-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-api-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-api-cfn-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-api-cloudwatch-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-doc-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-engine-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-plugin-heat_docker-7.0.7~dev10-5.12 is installed
  • OR openstack-heat-test-7.0.7~dev10-5.12 is installed
  • OR openstack-horizon-plugin-designate-ui-3.0.2~dev1-3.6 is installed
  • OR openstack-keystone-10.0.3~dev9-7.12 is installed
  • OR openstack-keystone-doc-10.0.3~dev9-7.12 is installed
  • OR openstack-nova-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-api-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-cells-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-cert-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-compute-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-conductor-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-console-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-consoleauth-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-doc-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-novncproxy-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-placement-api-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-scheduler-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-serialproxy-14.0.11~dev13-4.25 is installed
  • OR openstack-nova-vncproxy-14.0.11~dev13-4.25 is installed
  • OR python-heat-7.0.7~dev10-5.12 is installed
  • OR python-horizon-10.0.6~dev4-4.15 is installed
  • OR python-horizon-plugin-designate-ui-3.0.2~dev1-3.6 is installed
  • OR python-keystone-10.0.3~dev9-7.12 is installed
  • OR python-nova-14.0.11~dev13-4.25 is installed
  • OR python-os-vif-1.2.1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.14 is installed
  • OR libssh2-1-32bit-1.4.3-20.14 is installed
  • OR libssh2_org-1.4.3-20.14 is installed
    • BACK