Oval Definition:	oval:org.opensuse.security:def:58519
Revision Date: 2020-12-01 Version: 1 Title: Security update for libplist (Moderate) Description: This update for libplist fixes the following issues: Security issues fixed: - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. (bsc#1029638) - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. (bsc#1029706) - CVE-2017-6437: The base64encode function in base64.c allows local users to cause denial of service (out-of-bounds read) via a crafted plist file. (bsc#1029707) - CVE-2017-6436: Integer overflow in parse_string_node. (bsc#1029751) - CVE-2017-6435: Crafted plist file could lead to Heap-buffer overflow. (bsc#1029639) Family: unix Class: patch Status: Reference(s): 1000092 1000619 1003077 1005918 1006469 1006472 1007729 1008742 1009546 1009674 1009718 1009911 1010612 1010690 1010933 1011176 1011602 1011660 1011913 1012382 1012422 1012829 1012910 1013000 1013001 1013273 1013540 1013792 1013994 1014120 1014410 1015038 1015367 1015840 1016250 1016403 1016517 1016884 1016979 1017164 1017170 1017410 1018100 1018316 1018358 1018446 1018813 1018913 1019061 1019148 1019168 1019260 1019351 1019594 1019630 1019631 1019784 1019851 1020048 1020214 1020488 1020602 1020685 1020817 1020945 1020975 1021082 1021248 1021251 1021258 1021260 1021294 1021455 1021474 1022304 1022429 1022476 1022547 1022559 1022971 1023101 1023175 1023762 1023884 1023888 1024081 1024234 1024508 1024938 1025235 1027519 1029638 1029639 1029706 1029707 1029751 1033783 1049825 1058058 1068101 1074562 1086039 1086730 1092631 1104668 1107832 1109893 1110233 1110542 1111319 1112911 1113296 1116995 1117951 1120629 1120630 1120631 1127155 1131823 1134226 1137977 1140039 1144903 1145521 1152107 1153108 1153158 1153161 1158809 1160163 1160968 1172031 1172225 1173477 1173691 1173694 1173700 1173701 1173743 1173798 1173874 1173875 1173876 1173880 1174205 1174757 1175691 1176069 921494 959709 964944 969476 969477 969479 971975 974215 981709 982783 985561 987192 987576 989056 991273 998106 CVE-2015-8709 CVE-2016-7117 CVE-2016-9806 CVE-2017-18922 CVE-2017-2583 CVE-2017-2584 CVE-2017-5551 CVE-2017-5576 CVE-2017-5577 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-5897 CVE-2017-5970 CVE-2017-5986 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2017-7467 CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 CVE-2017-9798 CVE-2018-1000140 CVE-2018-12539 CVE-2018-14633 CVE-2018-1517 CVE-2018-1656 CVE-2018-17182 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-21247 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3639 CVE-2019-10220 CVE-2019-1551 CVE-2019-16746 CVE-2019-17133 CVE-2019-20807 CVE-2019-20839 CVE-2019-20840 CVE-2020-14314 CVE-2020-14331 CVE-2020-14386 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-16166 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 SUSE-SU-2017:0575-1 SUSE-SU-2017:1092-1 SUSE-SU-2017:2201-1 SUSE-SU-2017:2542-1 SUSE-SU-2017:3213-1 SUSE-SU-2018:0828-1 SUSE-SU-2018:1699-1 SUSE-SU-2018:2649-2 SUSE-SU-2018:3173-1 SUSE-SU-2019:2265-1 SUSE-SU-2020:0474-1 SUSE-SU-2020:1550-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information MozillaFirefox-60.0-lp150.2 is installed OR MozillaFirefox-translations-common-60.0-lp150.2 is installed OR MozillaFirefox-translations-other-60.0-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information neovim-0.3.5-lp151.2.3 is installed OR neovim-lang-0.3.5-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libplist-1.12-20.3 is installed OR libplist3-1.12-20.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.5-37 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.5-37 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.5-37 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.5-37 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_06-3.59 is installed OR xen-doc-html-4.9.4_06-3.59 is installed OR xen-libs-4.9.4_06-3.59 is installed OR xen-libs-32bit-4.9.4_06-3.59 is installed OR xen-tools-4.9.4_06-3.59 is installed OR xen-tools-domU-4.9.4_06-3.59 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libruby2_1-2_1-2.1.9-19.3 is installed OR ruby2.1-2.1.9-19.3 is installed OR ruby2.1-stdlib-2.1.9-19.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpolkit0-0.113-5.12 is installed OR polkit-0.113-5.12 is installed OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information kernel-default-4.12.14-94.41 is installed OR kernel-default-base-4.12.14-94.41 is installed OR kernel-default-devel-4.12.14-94.41 is installed OR kernel-default-man-4.12.14-94.41 is installed OR kernel-devel-4.12.14-94.41 is installed OR kernel-macros-4.12.14-94.41 is installed OR kernel-source-4.12.14-94.41 is installed OR kernel-syms-4.12.14-94.41 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_0-openjdk-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
BACK