Oval Definition:	oval:org.opensuse.security:def:5792
Revision Date: 2021-08-05 Version: 1 Title: Security update for apache-commons-compress (Important) Description: This update for apache-commons-compress fixes the following issues: - Updated to 1.21 - CVE-2021-35515: Fixed an infinite loop when reading a specially crafted 7Z archive. (bsc#1188463) - CVE-2021-35516: Fixed an excessive memory allocation when reading a specially crafted 7Z archive. (bsc#1188464) - CVE-2021-35517: Fixed an excessive memory allocation when reading a specially crafted TAR archive. (bsc#1188465) - CVE-2021-36090: Fixed an excessive memory allocation when reading a specially crafted ZIP archive. (bsc#1188466) Family: unix Class: patch Status: Reference(s): 1188463 1188464 1188465 1188466 CVE-2004-0801 CVE-2008-3825 CVE-2008-4546 CVE-2009-0793 CVE-2009-0799 CVE-2009-0800 CVE-2009-0901 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-1384 CVE-2009-1862 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-1870 CVE-2009-2395 CVE-2009-2493 CVE-2009-3607 CVE-2009-3608 CVE-2009-3793 CVE-2009-3794 CVE-2009-3796 CVE-2009-3797 CVE-2009-3798 CVE-2009-3799 CVE-2009-3800 CVE-2009-3951 CVE-2010-0186 CVE-2010-0187 CVE-2010-0209 CVE-2010-0624 CVE-2010-1297 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2172 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188 CVE-2010-2189 CVE-2010-2213 CVE-2010-2214 CVE-2010-2216 CVE-2010-2884 CVE-2010-3654 CVE-2010-4267 CVE-2011-0558 CVE-2011-0559 CVE-2011-0560 CVE-2011-0561 CVE-2011-0571 CVE-2011-0572 CVE-2011-0573 CVE-2011-0574 CVE-2011-0575 CVE-2011-0577 CVE-2011-0578 CVE-2011-0589 CVE-2011-0607 CVE-2011-0608 CVE-2011-0609 CVE-2011-0611 CVE-2011-0618 CVE-2011-0619 CVE-2011-0620 CVE-2011-0621 CVE-2011-0622 CVE-2011-0623 CVE-2011-0624 CVE-2011-0625 CVE-2011-0626 CVE-2011-0627 CVE-2011-1946 CVE-2011-2107 CVE-2011-2110 CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 CVE-2011-2445 CVE-2011-2450 CVE-2011-2451 CVE-2011-2452 CVE-2011-2453 CVE-2011-2454 CVE-2011-2455 CVE-2011-2456 CVE-2011-2457 CVE-2011-2458 CVE-2011-2459 CVE-2011-2460 CVE-2011-2697 CVE-2011-2722 CVE-2011-3630 CVE-2011-3631 CVE-2011-3632 CVE-2012-0751 CVE-2012-0752 CVE-2012-0753 CVE-2012-0754 CVE-2012-0755 CVE-2012-0756 CVE-2012-0767 CVE-2012-0768 CVE-2012-0769 CVE-2012-0773 CVE-2012-0779 CVE-2012-1174 CVE-2012-1535 CVE-2012-2034 CVE-2012-2035 CVE-2012-2036 CVE-2012-2037 CVE-2012-2038 CVE-2012-2039 CVE-2012-2040 CVE-2012-5112 CVE-2012-5133 CVE-2012-5248 CVE-2012-5249 CVE-2012-5250 CVE-2012-5251 CVE-2012-5252 CVE-2012-5253 CVE-2012-5254 CVE-2012-5255 CVE-2012-5256 CVE-2012-5257 CVE-2012-5258 CVE-2012-5259 CVE-2012-5260 CVE-2012-5261 CVE-2012-5262 CVE-2012-5263 CVE-2012-5264 CVE-2012-5265 CVE-2012-5266 CVE-2012-5267 CVE-2012-5268 CVE-2012-5269 CVE-2012-5270 CVE-2012-5271 CVE-2012-5272 CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 CVE-2013-0240 CVE-2013-0504 CVE-2013-0630 CVE-2013-0633 CVE-2013-0634 CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0643 CVE-2013-0644 CVE-2013-0645 CVE-2013-0646 CVE-2013-0647 CVE-2013-0648 CVE-2013-0649 CVE-2013-0650 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1371 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 CVE-2013-1375 CVE-2013-1378 CVE-2013-1379 CVE-2013-1380 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-1799 CVE-2013-2555 CVE-2013-2728 CVE-2013-3324 CVE-2013-3325 CVE-2013-3326 CVE-2013-3327 CVE-2013-3328 CVE-2013-3329 CVE-2013-3330 CVE-2013-3331 CVE-2013-3332 CVE-2013-3333 CVE-2013-3334 CVE-2013-3335 CVE-2013-3343 CVE-2013-3344 CVE-2013-3345 CVE-2013-3347 CVE-2013-3361 CVE-2013-3362 CVE-2013-3363 CVE-2013-4276 CVE-2013-4288 CVE-2013-4325 CVE-2013-4473 CVE-2013-4474 CVE-2013-5324 CVE-2013-5329 CVE-2013-5330 CVE-2013-5331 CVE-2013-5332 CVE-2013-6402 CVE-2013-6427 CVE-2014-0467 CVE-2014-0491 CVE-2014-0492 CVE-2014-0497 CVE-2014-0498 CVE-2014-0499 CVE-2014-0502 CVE-2014-0503 CVE-2014-0506 CVE-2014-0507 CVE-2014-0508 CVE-2014-0509 CVE-2014-0515 CVE-2014-0516 CVE-2014-0517 CVE-2014-0518 CVE-2014-0519 CVE-2014-0520 CVE-2014-0531 CVE-2014-0532 CVE-2014-0533 CVE-2014-0534 CVE-2014-0535 CVE-2014-0536 CVE-2014-0537 CVE-2014-0538 CVE-2014-0539 CVE-2014-0540 CVE-2014-0541 CVE-2014-0542 CVE-2014-0543 CVE-2014-0544 CVE-2014-0545 CVE-2014-0547 CVE-2014-0548 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 CVE-2014-1344 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-4671 CVE-2014-9116 CVE-2015-2330 CVE-2015-3451 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-8025 CVE-2016-10156 CVE-2016-7795 CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090 Platform(s): openSUSE 13.1 openSUSE 13.2 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-PyYAML-3.10-15.1 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND kernel-zfcpdump-3.12.38-44 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information libreoffice-5.1.3.2-22 is installed OR libreoffice-sdk-5.1.3.2-22 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.21-90 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.406-1 is installed OR flash-player-gnome-11.2.202.406-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND libwebkit2gtk-3_0-25-2.4.8-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gnome-online-accounts-3.20.5-9 is installed OR gnome-online-accounts-lang-3.20.5-9 is installed OR libgoa-1_0-0-3.20.5-9 is installed OR libgoa-1_0-0-32bit-3.20.5-9 is installed OR libgoa-backend-1_0-1-3.20.5-9 is installed OR typelib-1_0-Goa-1_0-3.20.5-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP1 is installed AND sudo-1.8.10p3-2.19.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.3 is installed OR samba-4.2.4-28.3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND ctdb-4.6.5+git.27.6afd48b1083-2 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND fence-agents-4.4.0+git.1558595666.5f79f9e9-3.8 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_43-52_6-default-1-2 is installed OR kgraft-patch-3_12_43-52_6-xen-1-2 is installed OR kgraft-patch-SLE12_Update_5-1-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information libxml2-2.7.1-10.11.1 is installed OR libxml2-32bit-2.7.1-10.11.1 is installed OR libxml2-doc-2.7.1-10.11.1 is installed OR libxml2-x86-2.7.1-10.11.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND clamav-0.97.8-0.2.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2-LTSS is installed AND clamav-0.97.8-0.2.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND clamav-0.97.8-0.2.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND bind-9.9.4P2-0.6.1 is installed OR bind-chrootenv-9.9.4P2-0.6.1 is installed OR bind-doc-9.9.4P2-0.6.1 is installed OR bind-libs-9.9.4P2-0.6.1 is installed OR bind-libs-32bit-9.9.4P2-0.6.1 is installed OR bind-libs-x86-9.9.4P2-0.6.1 is installed OR bind-utils-9.9.4P2-0.6.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND bind-9.9.4P2-0.6.1 is installed OR bind-chrootenv-9.9.4P2-0.6.1 is installed OR bind-doc-9.9.4P2-0.6.1 is installed OR bind-libs-9.9.4P2-0.6.1 is installed OR bind-libs-32bit-9.9.4P2-0.6.1 is installed OR bind-libs-x86-9.9.4P2-0.6.1 is installed OR bind-utils-9.9.4P2-0.6.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND acpid-1.0.6-91.25.20 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND LibVNCServer-0.9.1-154.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information emacs-24.3-14 is installed OR emacs-el-24.3-14 is installed OR emacs-info-24.3-14 is installed OR emacs-nox-24.3-14 is installed OR emacs-x11-24.3-14 is installed OR etags-24.3-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libopenssl1_1-1.1.1-1 is installed OR libopenssl1_1-32bit-1.1.1-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information libmysqlclient-devel-10.0.30-20.26.1 is installed OR libmysqlclient18-10.0.30-20.26.1 is installed OR libmysqlclient18-32bit-10.0.30-20.26.1 is installed OR libmysqlclient_r18-10.0.30-20.26.1 is installed OR libmysqld-devel-10.0.30-20.26.1 is installed OR libmysqld18-10.0.30-20.26.1 is installed OR mariadb-10.0.30-20.26.1 is installed OR mariadb-client-10.0.30-20.26.1 is installed OR mariadb-errormessages-10.0.30-20.26.1 is installed OR mariadb-tools-10.0.30-20.26.1 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information qemu-2.3.1-33.23 is installed OR qemu-block-curl-2.3.1-33.23 is installed OR qemu-block-rbd-2.3.1-33.23 is installed OR qemu-guest-agent-2.3.1-33.23 is installed OR qemu-ipxe-1.0.0-33.23 is installed OR qemu-kvm-2.3.1-33.23 is installed OR qemu-lang-2.3.1-33.23 is installed OR qemu-seabios-1.8.1-33.23 is installed OR qemu-sgabios-8-33.23 is installed OR qemu-tools-2.3.1-33.23 is installed OR qemu-vgabios-1.8.1-33.23 is installed OR qemu-x86-2.3.1-33.23 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information MozillaFirefox-devel-24.6.0esr-0.8.1 is installed OR mozilla-nspr-devel-4.10.6-0.3.1 is installed OR mozilla-nss-devel-3.16.1-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND NetworkManager-devel-0.7.1_git20090811-3.28.2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND MozillaFirefox-devel-31.1.0esr-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND bind-devel-9.9.6P1-30 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND accountsservice-devel-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND libusbmuxd-devel-1.0.10-2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information colord-1.1.7-5 is installed OR colord-lang-1.1.7-5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed
BACK