Oval Definition:	oval:org.opensuse.security:def:58495
Revision Date: 2020-12-01 Version: 1 Title: Security update for xorg-x11-server (Important) Description: This update for xorg-x11-server provides the following fixes: - CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a stack overflow by clients. (bnc#1035283) - Make sure the type of all events to be sent by ProcXSendExtensionEvent are in the allowed range. - CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid information leakage. Family: unix Class: patch Status: Reference(s): 1008253 1020868 1020873 1020875 1020877 1020878 1020882 1020884 1020885 1020891 1020894 1020896 1020950 1021616 1021627 1022428 1024232 1024244 1024749 1024992 1024993 1025505 1025507 1026723 1026725 1026922 1027108 1027376 1035283 1042812 1042826 1043289 1045460 1049072 1050469 1081556 1083125 1085447 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1090368 1090646 1090869 1102682 1103203 1105323 1106191 1138872 1150003 1150250 1155321 1156318 1159329 1161719 1162002 1163809 1165528 1167976 1169658 1170383 1171189 1171191 1171220 1171732 1171988 1172049 1172453 1172458 1172775 1172781 1172782 1172783 1172906 1172935 1172999 1173197 1173274 1173986 1174115 1174420 1174462 1174543 1176756 CVE-2016-10163 CVE-2016-10214 CVE-2016-6664 CVE-2016-7586 CVE-2016-7589 CVE-2016-7592 CVE-2016-7599 CVE-2016-7623 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7641 CVE-2016-7645 CVE-2016-7652 CVE-2016-7654 CVE-2016-7656 CVE-2017-10971 CVE-2017-10972 CVE-2017-11403 CVE-2017-12133 CVE-2017-13166 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 CVE-2017-2496 CVE-2017-2510 CVE-2017-2538 CVE-2017-2539 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3317 CVE-2017-3318 CVE-2017-5580 CVE-2017-5937 CVE-2017-5956 CVE-2017-5957 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355 CVE-2017-6386 CVE-2017-7018 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7046 CVE-2017-7048 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 CVE-2017-7064 CVE-2017-9439 CVE-2017-9440 CVE-2017-9501 CVE-2018-1087 CVE-2018-10902 CVE-2018-10938 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-5390 CVE-2018-8781 CVE-2018-8897 CVE-2019-11708 CVE-2019-1547 CVE-2019-1563 CVE-2019-20810 CVE-2019-20812 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2020-0305 CVE-2020-10018 CVE-2020-10135 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-11793 CVE-2020-12771 CVE-2020-13974 CVE-2020-14093 CVE-2020-14154 CVE-2020-14416 CVE-2020-14422 CVE-2020-14954 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 SUSE-SU-2017:0412-1 SUSE-SU-2017:0798-1 SUSE-SU-2017:1860-1 SUSE-SU-2017:2199-1 SUSE-SU-2017:2933-1 SUSE-SU-2018:0655-1 SUSE-SU-2018:1516-1 SUSE-SU-2018:1692-2 SUSE-SU-2019:1684-1 SUSE-SU-2020:1135-1 SUSE-SU-2020:2759-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND lftp-4.8.3-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.90-2 is installed OR chromium-75.0.3770.90-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xorg-x11-server-7.6_1.18.3-74 is installed OR xorg-x11-server-extra-7.6_1.18.3-74 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gnutls-3.3.27-1 is installed OR libgnutls-openssl27-3.3.27-1 is installed OR libgnutls28-3.3.27-1 is installed OR libgnutls28-32bit-3.3.27-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND mailman-2.1.17-3.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information hostinfo-1.0.1-19.5 is installed OR supportutils-3.0-95.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gstreamer-1.8.3-9 is installed OR gstreamer-lang-1.8.3-9 is installed OR gstreamer-utils-1.8.3-9 is installed OR libgstreamer-1_0-0-1.8.3-9 is installed OR libgstreamer-1_0-0-32bit-1.8.3-9 is installed OR typelib-1_0-Gst-1_0-1.8.3-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libfreebl3-3.53.1-58.48 is installed OR libfreebl3-32bit-3.53.1-58.48 is installed OR libfreebl3-hmac-3.53.1-58.48 is installed OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed OR libsoftokn3-3.53.1-58.48 is installed OR libsoftokn3-32bit-3.53.1-58.48 is installed OR libsoftokn3-hmac-3.53.1-58.48 is installed OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed OR mozilla-nspr-4.25-19.15 is installed OR mozilla-nspr-32bit-4.25-19.15 is installed OR mozilla-nspr-devel-4.25-19.15 is installed OR mozilla-nss-3.53.1-58.48 is installed OR mozilla-nss-32bit-3.53.1-58.48 is installed OR mozilla-nss-certs-3.53.1-58.48 is installed OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed OR mozilla-nss-devel-3.53.1-58.48 is installed OR mozilla-nss-sysinit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed OR mozilla-nss-tools-3.53.1-58.48 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
BACK