OVAL Reference oval:org.opensuse.security:def:58266

Oval Definition:

oval:org.opensuse.security:def:58266

Revision Date:	2020-12-01	Version:	1
Title:	Security update for squid (Important)
Description:	This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (bsc#1169659). - CVE-2020-11945: fixes a potential remote execution vulnerability when using HTTP Digest Authentication (bsc#1170313). - CVE-2019-12520, CVE-2019-12524: fixes a potential ACL bypass, cache-bypass and cross-site scripting attack when processing invalid HTTP Request messages (bsc#1170423).
Family:	unix	Class:	patch
Status:		Reference(s):	1019016 1038231 1042910 1046607 1053352 1059554 1065237 1086774 1086775 1086813 1086814 1086817 1086820 1090671 1099658 1106284 1106383 1110785 1113769 1118595 1118596 1119183 1120843 1120885 1121816 1121821 1128829 1128963 1131543 1131565 1131709 1132374 1132472 1133495 1134537 1134596 1134848 1135281 1135603 1136424 1136446 1136586 1136935 1137586 1139459 1151377 1151506 1153108 1154043 1154609 1155574 1156321 1156331 1156482 1157770 1159814 1160398 1162108 1167231 1167976 1169511 1169659 1170313 1170423 1173576 1173613 1173986 1174420 1176756 1178512 977410 CVE-2016-1000031 CVE-2017-12617 CVE-2017-15710 CVE-2017-15715 CVE-2017-5664 CVE-2017-7494 CVE-2017-7526 CVE-2017-7674 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-15518 CVE-2018-17972 CVE-2018-19873 CVE-2018-20856 CVE-2018-7191 CVE-2019-10220 CVE-2019-11190 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12524 CVE-2019-13272 CVE-2019-18197 CVE-2019-3846 CVE-2019-5489 CVE-2019-6109 CVE-2019-6111 CVE-2020-11945 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-1712 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-28196 CVE-2020-2830 SUSE-SU-2017:1392-1 SUSE-SU-2017:1794-1 SUSE-SU-2017:3039-1 SUSE-SU-2018:1161-1 SUSE-SU-2018:4183-1 SUSE-SU-2020:0331-1 SUSE-SU-2020:0920-2 SUSE-SU-2020:1227-1 SUSE-SU-2020:1686-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:2759-1 SUSE-SU-2020:3379-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND chromium-66.0.3359.170-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.4 is installed OR kernel-debug-base-4.12.14-lp151.28.4 is installed OR kernel-debug-devel-4.12.14-lp151.28.4 is installed OR kernel-default-4.12.14-lp151.28.4 is installed OR kernel-default-base-4.12.14-lp151.28.4 is installed OR kernel-default-devel-4.12.14-lp151.28.4 is installed OR kernel-devel-4.12.14-lp151.28.4 is installed OR kernel-docs-4.12.14-lp151.28.4 is installed OR kernel-docs-html-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed OR kernel-macros-4.12.14-lp151.28.4 is installed OR kernel-obs-build-4.12.14-lp151.28.4 is installed OR kernel-obs-qa-4.12.14-lp151.28.4 is installed OR kernel-source-4.12.14-lp151.28.4 is installed OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed OR kernel-syms-4.12.14-lp151.28.4 is installed OR kernel-vanilla-4.12.14-lp151.28.4 is installed OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libgcrypt-1.6.1-16.42 is installed OR libgcrypt20-1.6.1-16.42 is installed OR libgcrypt20-32bit-1.6.1-16.42 is installed OR libgcrypt20-hmac-1.6.1-16.42 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libQt5Concurrent5-5.6.1-17.6 is installed OR libQt5Core5-5.6.1-17.6 is installed OR libQt5DBus5-5.6.1-17.6 is installed OR libQt5Gui5-5.6.1-17.6 is installed OR libQt5Network5-5.6.1-17.6 is installed OR libQt5OpenGL5-5.6.1-17.6 is installed OR libQt5PrintSupport5-5.6.1-17.6 is installed OR libQt5Sql5-5.6.1-17.6 is installed OR libQt5Sql5-mysql-5.6.1-17.6 is installed OR libQt5Sql5-postgresql-5.6.1-17.6 is installed OR libQt5Sql5-sqlite-5.6.1-17.6 is installed OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed OR libQt5Test5-5.6.1-17.6 is installed OR libQt5Widgets5-5.6.1-17.6 is installed OR libQt5Xml5-5.6.1-17.6 is installed OR libqt5-qtbase-5.6.1-17.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information jakarta-commons-fileupload-1.1.1-122.3 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information apache2-2.4.23-29.18 is installed OR apache2-doc-2.4.23-29.18 is installed OR apache2-example-pages-2.4.23-29.18 is installed OR apache2-prefork-2.4.23-29.18 is installed OR apache2-utils-2.4.23-29.18 is installed OR apache2-worker-2.4.23-29.18 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information perl-5.18.2-12.23 is installed OR perl-32bit-5.18.2-12.23 is installed OR perl-base-5.18.2-12.23 is installed OR perl-doc-5.18.2-12.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND libcares2-1.9.1-9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libass5-0.10.2-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND squid-3.5.21-26.23 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND binutils-2.32-9.33 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rack-1.6.11-3.3 is installed OR rubygem-rack-1.6.11-3.3 is installed

BACK