Oval Definition:oval:org.opensuse.security:def:57493
Revision Date:2021-08-24Version:1
Title:Security update for python-PyYAML (Important)
Description:



This update for python-PyYAML fixes the following issues:

- Update to 5.3.1.

- CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
Family:unixClass:patch
Status:Reference(s):1024014
1024017
1024030
1024034
1024062
1027519
1035642
1037243
1042160
1042882
1042893
1042915
1042923
1042924
1042931
1042938
1082318
1097356
1102682
1103203
1128828
1133191
1133375
1136446
1137597
1140747
1142614
1143194
1143273
1144903
1151021
1153108
1153158
1153161
1159646
1170446
1170771
1173594
1174514
295284
904970
907150
912457
920615
920633
930408
934299
936909
948244
949022
953382
954512
958582
958583
958584
958586
CVE-2011-4405
CVE-2013-7447
CVE-2014-9273
CVE-2015-5252
CVE-2015-5296
CVE-2015-5299
CVE-2015-5330
CVE-2015-7651
CVE-2015-7652
CVE-2015-7653
CVE-2015-7654
CVE-2015-7655
CVE-2015-7656
CVE-2015-7657
CVE-2015-7658
CVE-2015-7659
CVE-2015-7660
CVE-2015-7661
CVE-2015-7662
CVE-2015-7663
CVE-2015-8042
CVE-2015-8043
CVE-2015-8044
CVE-2015-8046
CVE-2016-10198
CVE-2016-10199
CVE-2016-6855
CVE-2017-5840
CVE-2017-5841
CVE-2017-5845
CVE-2017-8309
CVE-2017-9330
CVE-2018-5390
CVE-2018-5848
CVE-2019-10220
CVE-2019-11477
CVE-2019-11477
CVE-2019-11478
CVE-2019-11478
CVE-2019-11487
CVE-2019-13057
CVE-2019-13565
CVE-2019-14835
CVE-2019-17133
CVE-2019-17571
CVE-2019-3846
CVE-2019-3846
CVE-2019-9893
CVE-2019-9928
CVE-2020-12243
CVE-2020-14343
CVE-2020-8695
CVE-2020-8698
SUSE-SU-2015:1960-1
SUSE-SU-2016:0164-1
SUSE-SU-2017:1010-1
SUSE-SU-2017:1742-1
SUSE-SU-2019:1600-1
SUSE-SU-2019:2821-1
SUSE-SU-2019:2941-1
SUSE-SU-2020:0054-1
SUSE-SU-2020:1210-1
SUSE-SU-2020:3279-1
SUSE-SU-2021:2818-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • elfutils-0.168-lp150.2 is installed
  • OR elfutils-lang-0.168-lp150.2 is installed
  • OR libasm1-0.168-lp150.2 is installed
  • OR libdw1-0.168-lp150.2 is installed
  • OR libdw1-32bit-0.168-lp150.2 is installed
  • OR libebl-plugins-0.168-lp150.2 is installed
  • OR libebl-plugins-32bit-0.168-lp150.2 is installed
  • OR libelf1-0.168-lp150.2 is installed
  • OR libelf1-32bit-0.168-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-75.0.3770.80-lp151.2.6 is installed
  • OR chromium-75.0.3770.80-lp151.2.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-67.0.3575.97-lp151.2.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libldb1-3.6.3-64 is installed
  • OR libldb1-32bit-3.6.3-64 is installed
  • OR libsmbclient0-3.6.3-64 is installed
  • OR libsmbclient0-32bit-3.6.3-64 is installed
  • OR libtalloc2-3.6.3-64 is installed
  • OR libtalloc2-32bit-3.6.3-64 is installed
  • OR libtdb1-3.6.3-64 is installed
  • OR libtdb1-32bit-3.6.3-64 is installed
  • OR libtevent0-3.6.3-64 is installed
  • OR libtevent0-32bit-3.6.3-64 is installed
  • OR libwbclient0-3.6.3-64 is installed
  • OR libwbclient0-32bit-3.6.3-64 is installed
  • OR samba-3.6.3-64 is installed
  • OR samba-32bit-3.6.3-64 is installed
  • OR samba-client-3.6.3-64 is installed
  • OR samba-client-32bit-3.6.3-64 is installed
  • OR samba-doc-3.6.3-64 is installed
  • OR samba-krb-printing-3.6.3-64 is installed
  • OR samba-winbind-3.6.3-64 is installed
  • OR samba-winbind-32bit-3.6.3-64 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.548-0.26 is installed
  • OR flash-player-gnome-11.2.202.548-0.26 is installed
  • OR flash-player-kde4-11.2.202.548-0.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_110-default-6-2 is installed
  • OR kgraft-patch-3_12_74-60_64_110-xen-6-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_33-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • eog-3.20.4-7 is installed
  • OR eog-lang-3.20.4-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-12-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-12-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_53-default-12-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_16-12-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • python-PyYAML-5.3.1-28.6.1 is installed
  • OR python3-PyYAML-5.3.1-28.6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libdcerpc0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libdcerpc0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-krb5pac0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-nbt0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-standard0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr-standard0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libndr0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libnetapi0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libnetapi0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-credentials0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-errors0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-hostconfig0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-passdb0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-util0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamba-util0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamdb0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsamdb0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbclient0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbclient0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbconf0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbconf0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbldap0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libsmbldap0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libtevent-util0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libtevent-util0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libwbclient0-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR libwbclient0-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-client-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-client-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-doc-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-libs-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-libs-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-winbind-4.6.16+git.174.c2fd2e28c84-3.49 is installed
  • OR samba-winbind-32bit-4.6.16+git.174.c2fd2e28c84-3.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • apache2-2.4.23-29.43 is installed
  • OR apache2-doc-2.4.23-29.43 is installed
  • OR apache2-example-pages-2.4.23-29.43 is installed
  • OR apache2-prefork-2.4.23-29.43 is installed
  • OR apache2-utils-2.4.23-29.43 is installed
  • OR apache2-worker-2.4.23-29.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libseccomp-2.4.1-11.3 is installed
  • OR libseccomp2-2.4.1-11.3 is installed
  • OR libseccomp2-32bit-2.4.1-11.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Django-1.11.11-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • BACK