Oval Definition:	oval:org.opensuse.security:def:57562
Revision Date: 2021-03-03 Version: 1 Title: Security update for openldap2 (Important) Description: This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Family: unix Class: patch Status: Reference(s): 1000106 1003030 1003032 1004981 1005004 1005005 1007157 1007941 1009100 1009103 1009104 1009105 1009107 1009108 1009109 1009111 1011652 1042419 1044084 1050707 1058565 1058622 1058624 1066198 1068032 1073230 1075975 1076017 1083488 1084878 1085114 1085447 1092497 1106913 1117665 1119687 1131576 1135966 1135967 1137865 1139550 1140671 1141054 1144338 1144903 1145477 1146285 1146361 1146378 1146391 1146413 1146425 1146512 1146514 1146516 1146519 1146584 1147122 1148394 1148938 1149376 1149522 1149527 1149555 1149612 1149849 1150025 1150112 1150223 1150452 1150457 1150465 1150466 1151021 1151347 1151350 1152685 1152782 1152788 1153158 1154372 1155671 1155898 1156187 1156275 1170603 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419 1182420 937752 940191 946204 CVE-2008-5519 CVE-2009-3894 CVE-2013-1991 CVE-2013-2000 CVE-2013-2064 CVE-2014-8111 CVE-2015-5122 CVE-2015-5123 CVE-2015-7236 CVE-2016-10906 CVE-2016-7777 CVE-2016-7908 CVE-2016-7909 CVE-2016-8667 CVE-2016-8669 CVE-2016-8910 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 CVE-2016-9637 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-13166 CVE-2017-16239 CVE-2017-18509 CVE-2017-18595 CVE-2018-0486 CVE-2018-1000004 CVE-2018-1068 CVE-2018-12207 CVE-2018-20346 CVE-2018-20506 CVE-2018-20976 CVE-2018-7566 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-13272 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-14869 CVE-2019-15098 CVE-2019-15211 CVE-2019-15212 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505 CVE-2019-15666 CVE-2019-15807 CVE-2019-15902 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-16231 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-16995 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18680 CVE-2019-18805 CVE-2019-9456 CVE-2019-9506 CVE-2020-12268 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 SUSE-SU-2015:1258-1 SUSE-SU-2015:1706-1 SUSE-SU-2016:3067-1 SUSE-SU-2017:2650-1 SUSE-SU-2017:3080-1 SUSE-SU-2018:0140-1 SUSE-SU-2018:1033-1 SUSE-SU-2019:0913-1 SUSE-SU-2019:2983-1 SUSE-SU-2019:2984-1 SUSE-SU-2020:1212-1 SUSE-SU-2021:0693-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libIlmImf-2_2-23-2.2.1-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-76.0.3809.100-lp151.2.20 is installed OR chromium-76.0.3809.100-lp151.2.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.491-0.11 is installed OR flash-player-gnome-11.2.202.491-0.11 is installed OR flash-player-kde4-11.2.202.491-0.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libsqlite3-0-3.8.10.2-9.3 is installed OR libsqlite3-0-32bit-3.8.10.2-9.3 is installed OR sqlite3-3.8.10.2-9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_jk-1.2.40-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-9-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-9-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libldap-2_4-2-2.4.41-18.83.1 is installed OR libldap-2_4-2-32bit-2.4.41-18.83.1 is installed OR openldap2-2.4.41-18.83.1 is installed OR openldap2-back-meta-2.4.41-18.83.1 is installed OR openldap2-client-2.4.41-18.83.1 is installed OR openldap2-doc-2.4.41-18.83.1 is installed OR openldap2-ppolicy-check-password-1.2-18.83.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND apache2-mod_perl-2.0.8-13.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fuse-2.9.3-6.3 is installed OR libfuse2-2.9.3-6.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-nova-14.0.10~dev13-4.11 is installed OR openstack-nova-api-14.0.10~dev13-4.11 is installed OR openstack-nova-cells-14.0.10~dev13-4.11 is installed OR openstack-nova-cert-14.0.10~dev13-4.11 is installed OR openstack-nova-compute-14.0.10~dev13-4.11 is installed OR openstack-nova-conductor-14.0.10~dev13-4.11 is installed OR openstack-nova-console-14.0.10~dev13-4.11 is installed OR openstack-nova-consoleauth-14.0.10~dev13-4.11 is installed OR openstack-nova-doc-14.0.10~dev13-4.11 is installed OR openstack-nova-novncproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-placement-api-14.0.10~dev13-4.11 is installed OR openstack-nova-scheduler-14.0.10~dev13-4.11 is installed OR openstack-nova-serialproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-vncproxy-14.0.10~dev13-4.11 is installed OR python-nova-14.0.10~dev13-4.11 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
BACK