Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for rubygem-loofah (Moderate) |
Description: |
This update for rubygem-loofah fixes the following issues:
Security issues fixed:
- CVE-2018-16468: Fixed XSS by removing the svg animate attribute `from` from the allowlist (bsc#1113969).
- CVE-2018-8048: Fixed XSS vulnerability due to unescaped characters by libxml2 (bsc#1085967).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1012964 1025506 1027038 1051684 1051685 1053259 1057460 1076390 1082810 1085018 1085967 1087082 1087083 1096141 1097356 1100078 1100147 1106923 1108835 1109252 1110445 1111278 1112024 1113083 1113632 1113665 1113969 1113975 1117951 1127080 1145559 1154212 1157471 1158442 1172798 1172846 1173027 1173455 1173972 1174753 1174817 1175168 929900 955131 966304 CVE-2016-2183 CVE-2016-9079 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2018-15686 CVE-2018-15688 CVE-2018-16468 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2657 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-3639 CVE-2018-3640 CVE-2018-5848 CVE-2018-8048 CVE-2019-11500 CVE-2019-1559 CVE-2019-17631 CVE-2019-19191 CVE-2019-2933 CVE-2019-2945 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2996 CVE-2019-2999 CVE-2020-13844 CVE-2020-15049 CVE-2020-8177 SUSE-SU-2016:3048-1 SUSE-SU-2017:0839-1 SUSE-SU-2017:2356-1 SUSE-SU-2018:0694-1 SUSE-SU-2018:1935-2 SUSE-SU-2019:0394-1 SUSE-SU-2019:0803-1 SUSE-SU-2019:2454-1 SUSE-SU-2020:0024-1 SUSE-SU-2020:0115-1 SUSE-SU-2020:1732-1 SUSE-SU-2020:1946-1 SUSE-SU-2020:3263-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND sysvinit-tools-2.88+-lp150.1 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
MozillaFirefox-60.7.2-lp151.2.7 is installed
OR MozillaFirefox-branding-upstream-60.7.2-lp151.2.7 is installed
OR MozillaFirefox-buildsymbols-60.7.2-lp151.2.7 is installed
OR MozillaFirefox-devel-60.7.2-lp151.2.7 is installed
OR MozillaFirefox-translations-common-60.7.2-lp151.2.7 is installed
OR MozillaFirefox-translations-other-60.7.2-lp151.2.7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
MozillaFirefox-45.5.1esr-93 is installed
OR MozillaFirefox-translations-45.5.1esr-93 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND ucode-intel-20180703-13.25 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
libsystemd0-228-150.53 is installed
OR libsystemd0-32bit-228-150.53 is installed
OR libudev1-228-150.53 is installed
OR libudev1-32bit-228-150.53 is installed
OR systemd-228-150.53 is installed
OR systemd-32bit-228-150.53 is installed
OR systemd-bash-completion-228-150.53 is installed
OR systemd-sysvinit-228-150.53 is installed
OR udev-228-150.53 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
dovecot22-2.2.31-19.17 is installed
OR dovecot22-backend-mysql-2.2.31-19.17 is installed
OR dovecot22-backend-pgsql-2.2.31-19.17 is installed
OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND kbd-1.15.5-8.7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND squid-3.5.21-26.26 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND permissions-2015.09.28.1626-17.20 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
kgraft-patch-4_4_156-94_64-default-7-2 is installed
OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
libprocps3-3.3.9-11.18 is installed
OR procps-3.3.9-11.18 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND ipsec-tools-0.8.0-19.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
ruby2.1-rubygem-loofah-2.0.2-3.5 is installed
OR rubygem-loofah-2.0.2-3.5 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
ardana-monasca-8.0+git.1535031421.9262a47-3.12 is installed
OR ardana-spark-8.0+git.1534267176.a5f3a22-3.6 is installed
OR kafka-0.10.2.2-5.6 is installed
OR openstack-monasca-api-2.2.1~dev24-3.6 is installed
OR python-monasca-api-2.2.1~dev24-3.6 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
glibc-2.22-62.22 is installed
OR glibc-32bit-2.22-62.22 is installed
OR glibc-devel-2.22-62.22 is installed
OR glibc-devel-32bit-2.22-62.22 is installed
OR glibc-html-2.22-62.22 is installed
OR glibc-i18ndata-2.22-62.22 is installed
OR glibc-info-2.22-62.22 is installed
OR glibc-locale-2.22-62.22 is installed
OR glibc-locale-32bit-2.22-62.22 is installed
OR glibc-profile-2.22-62.22 is installed
OR glibc-profile-32bit-2.22-62.22 is installed
OR nscd-2.22-62.22 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 9 is installed
AND nodejs6-6.17.1-11.30 is installed
|