OVAL Reference oval:org.opensuse.security:def:57558

Oval Definition:

oval:org.opensuse.security:def:57558

Revision Date:	2021-03-01	Version:	1
Title:	Security update for perl-XML-Twig (Moderate)
Description:	This update for perl-XML-Twig fixes the following issues: - Security fix [bsc#1008644, CVE-2016-9180] * Added: the no_xxe option to XML::Twig::new, which causes the parse to fail if external entities are used (to prevent malicious XML to access the filesystem). * Setting expand_external_ents to 0 or -1 currently doesn't work as expected; To completely turn off expanding external entities use no_xxe. * Update documentation for XML::Twig to mention problems with expand_external_ents and add information about new no_xxe argument
Family:	unix	Class:	patch
Status:		Reference(s):	1008644 1012964 1052604 1052829 1073230 1076017 1082318 1083125 1083488 1085114 1085447 1090368 1090646 1090869 1122839 1128828 1131239 1131241 1142614 1151021 1154862 1155419 1160471 1170441 916835 947003 CVE-2010-2242 CVE-2011-1146 CVE-2011-2511 CVE-2011-4600 CVE-2012-3445 CVE-2013-0170 CVE-2013-1962 CVE-2013-2063 CVE-2013-2218 CVE-2013-2230 CVE-2013-4153 CVE-2013-4154 CVE-2013-4239 CVE-2013-4245 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-6436 CVE-2013-6457 CVE-2013-6458 CVE-2014-0028 CVE-2014-0179 CVE-2014-1447 CVE-2014-3540 CVE-2014-3633 CVE-2014-3657 CVE-2014-7823 CVE-2014-8136 CVE-2015-0236 CVE-2015-3294 CVE-2015-4500 CVE-2015-4501 CVE-2015-4506 CVE-2015-4509 CVE-2015-4511 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-5247 CVE-2015-5313 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 CVE-2016-9079 CVE-2016-9180 CVE-2017-12440 CVE-2017-13166 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2018-1000004 CVE-2018-1068 CVE-2018-1087 CVE-2018-17199 CVE-2018-7566 CVE-2018-8781 CVE-2018-8897 CVE-2019-0217 CVE-2019-0220 CVE-2019-14835 CVE-2019-15681 CVE-2019-15690 CVE-2019-17498 CVE-2019-20788 CVE-2019-9893 SUSE-SU-2015:1703-1 SUSE-SU-2015:2172-1 SUSE-SU-2016:3048-1 SUSE-SU-2017:2589-1 SUSE-SU-2017:2627-1 SUSE-SU-2018:1021-1 SUSE-SU-2018:1545-1 SUSE-SU-2019:0888-1 SUSE-SU-2019:2936-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:1165-1 SUSE-SU-2020:2173-2
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libFLAC++6-1.3.2-lp150.1 is installed OR libFLAC8-1.3.2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libzstd-devel-1.4.2-lp151.3.3 is installed OR libzstd-devel-static-1.4.2-lp151.3.3 is installed OR libzstd1-1.4.2-lp151.3.3 is installed OR libzstd1-32bit-1.4.2-lp151.3.3 is installed OR zstd-1.4.2-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.3.0esr-22 is installed OR MozillaFirefox-translations-38.3.0esr-22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information apache2-2.4.16-20.24 is installed OR apache2-doc-2.4.16-20.24 is installed OR apache2-example-pages-2.4.16-20.24 is installed OR apache2-prefork-2.4.16-20.24 is installed OR apache2-utils-2.4.16-20.24 is installed OR apache2-worker-2.4.16-20.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.30 is installed OR openssh-askpass-gnome-7.2p2-74.30 is installed OR openssh-fips-7.2p2-74.30 is installed OR openssh-helpers-7.2p2-74.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180425-13.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-9-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-9-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND clamav-0.99.2-32 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND perl-XML-Twig-3.44-5.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information LibVNCServer-0.9.9-17.11 is installed OR libvncclient0-0.9.9-17.11 is installed OR libvncserver0-0.9.9-17.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information file-5.22-10.6 is installed OR file-magic-5.22-10.6 is installed OR libmagic1-5.22-10.6 is installed OR libmagic1-32bit-5.22-10.6 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openstack-aodh-3.0.4~a0~dev1-2.3 is installed OR openstack-aodh-api-3.0.4~a0~dev1-2.3 is installed OR openstack-aodh-doc-3.0.4~a0~dev1-2.3 is installed OR openstack-aodh-evaluator-3.0.4~a0~dev1-2.3 is installed OR openstack-aodh-expirer-3.0.4~a0~dev1-2.3 is installed OR openstack-aodh-listener-3.0.4~a0~dev1-2.3 is installed OR openstack-aodh-notifier-3.0.4~a0~dev1-2.3 is installed OR python-aodh-3.0.4~a0~dev1-2.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND ucode-intel-20191112a-13.56 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed

BACK