Oval Definition:oval:org.opensuse.security:def:58204
Revision Date:2020-12-01Version:1
Title:Security update for clamav (Moderate)
Description:

This update for clamav fixes the following issues:

Security issue fixed:

- CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504). - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458).

Non-security issues fixed:

- Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504). - Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839).
Family:unixClass:patch
Status:Reference(s):1007188
1022805
1029638
1029639
1029706
1029707
1029751
1042948
1049373
1051412
1052252
1052771
1058082
1072902
1074122
1074425
1074610
1092885
1101644
1101645
1101651
1101656
1102682
1103098
1107832
1110233
1112039
1112142
1112143
1112144
1112146
1112147
1112152
1112153
1117080
1125330
1127987
1129821
1130262
1144504
1149458
1151839
1154434
1160968
1162002
1164140
1169511
1170383
1171189
1171191
1171220
1171352
1171732
1171823
1171988
1172049
1172277
1172402
1172450
1172453
1172458
1172775
1172781
1172782
1172783
1172999
1173413
1173416
1173418
1174115
1174462
1174543
1174583
1175484
913058
965582
CVE-2016-0775
CVE-2016-2399
CVE-2016-6321
CVE-2017-1000445
CVE-2017-1000476
CVE-2017-11449
CVE-2017-11751
CVE-2017-12430
CVE-2017-12642
CVE-2017-14249
CVE-2017-17680
CVE-2017-17882
CVE-2017-6435
CVE-2017-6436
CVE-2017-6437
CVE-2017-6438
CVE-2017-6439
CVE-2017-9409
CVE-2018-13785
CVE-2018-14633
CVE-2018-16435
CVE-2018-17182
CVE-2018-17954
CVE-2018-18335
CVE-2018-18356
CVE-2018-18386
CVE-2018-18506
CVE-2018-18623
CVE-2018-18624
CVE-2018-18625
CVE-2018-2938
CVE-2018-2940
CVE-2018-2952
CVE-2018-2973
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3214
CVE-2018-3639
CVE-2018-3639
CVE-2018-5390
CVE-2018-5391
CVE-2019-12625
CVE-2019-12900
CVE-2019-15043
CVE-2019-20810
CVE-2019-20812
CVE-2019-2949
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
CVE-2020-0305
CVE-2020-10135
CVE-2020-10177
CVE-2020-10378
CVE-2020-10711
CVE-2020-10732
CVE-2020-10744
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-10994
CVE-2020-11110
CVE-2020-12052
CVE-2020-12405
CVE-2020-12406
CVE-2020-12410
CVE-2020-12771
CVE-2020-13379
CVE-2020-13974
CVE-2020-14416
CVE-2020-1733
CVE-2020-17376
CVE-2020-2654
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
SUSE-SU-2016:2896-1
SUSE-SU-2017:0610-1
SUSE-SU-2017:2201-1
SUSE-SU-2018:0055-1
SUSE-SU-2018:1614-2
SUSE-SU-2019:0049-1
SUSE-SU-2019:0852-1
SUSE-SU-2019:2230-1
SUSE-SU-2019:3066-1
SUSE-SU-2020:1563-1
SUSE-SU-2020:1685-1
SUSE-SU-2020:2134-1
SUSE-SU-2020:2911-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND rpcbind-0.2.3-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exim-4.88-lp151.4.3 is installed
  • OR eximon-4.88-lp151.4.3 is installed
  • OR eximstats-html-4.88-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • tar-1.27.1-11 is installed
  • OR tar-lang-1.27.1-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_117-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_31-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND gzip-1.6-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.14 is installed
  • OR libssh2-1-32bit-1.4.3-20.14 is installed
  • OR libssh2_org-1.4.3-20.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.11 is installed
  • OR libvncclient0-0.9.9-17.11 is installed
  • OR libvncserver0-0.9.9-17.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gstreamer-plugins-bad-1.8.3-17 is installed
  • OR gstreamer-plugins-bad-lang-1.8.3-17 is installed
  • OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed
  • OR libgstbadaudio-1_0-0-1.8.3-17 is installed
  • OR libgstbadbase-1_0-0-1.8.3-17 is installed
  • OR libgstbadvideo-1_0-0-1.8.3-17 is installed
  • OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed
  • OR libgstcodecparsers-1_0-0-1.8.3-17 is installed
  • OR libgstgl-1_0-0-1.8.3-17 is installed
  • OR libgstmpegts-1_0-0-1.8.3-17 is installed
  • OR libgstphotography-1_0-0-1.8.3-17 is installed
  • OR libgsturidownloader-1_0-0-1.8.3-17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND clamav-0.100.3-33.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • pdns-4.1.2-3.3 is installed
  • OR pdns-backend-mysql-4.1.2-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Django-1.11.11-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • libfreebl3-3.53.1-58.48 is installed
  • OR libfreebl3-32bit-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-3.53.1-58.48 is installed
  • OR libsoftokn3-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed
  • OR mozilla-nspr-4.25-19.15 is installed
  • OR mozilla-nspr-32bit-4.25-19.15 is installed
  • OR mozilla-nspr-devel-4.25-19.15 is installed
  • OR mozilla-nss-3.53.1-58.48 is installed
  • OR mozilla-nss-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-devel-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-tools-3.53.1-58.48 is installed
    • BACK