Oval Definition:oval:org.opensuse.security:def:58600
Revision Date:2020-12-01Version:1
Title:Security update for openssh (Moderate)
Description:

This update for openssh fixes the following issues:

Security issue fixed:

- CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server (bsc#1065000).

Bug fixes:

- FIPS: Startup selfchecks (bsc#1068310). - FIPS: Silent complaints about unsupported key exchange methods (bsc#1006166). - Refine handling of sockets for X11 forwarding to remove reintroduced CVE-2008-1483 (bsc#1069509). - Test configuration before running daemon to prevent looping resulting in service shutdown (bsc#1048367)
Family:unixClass:patch
Status:Reference(s):1005023
1006166
1007959
1007962
1008842
1008965
1010032
1011913
1012382
1012504
1012632
1012910
1013095
1013994
1014136
1015609
1017461
1017641
1018263
1018419
1019163
1019332
1019614
1019618
1020048
1020077
1020985
1021762
1022340
1022785
1023041
1023866
1024015
1025683
1026024
1026405
1026462
1026505
1026509
1026692
1026722
1027054
1027066
1027153
1027179
1027189
1027190
1027195
1027273
1027616
1028017
1028027
1028041
1028158
1028217
1028325
1028415
1028819
1028895
1029220
1029514
1029634
1029986
1030118
1030213
1031003
1031052
1031200
1031206
1031208
1031440
1031481
1031579
1031660
1031662
1031717
1031831
1032006
1032673
1032681
1034005
1034402
1037811
1042948
1048367
1049373
1051412
1052252
1052771
1058082
1065000
1068310
1069509
1072902
1074122
1074425
1074610
1076696
1077445
1082063
1082210
1083417
1083420
1083422
1083424
1083426
1097560
1101591
1107832
1110233
1114981
1115518
1119971
1120323
1137832
1166844
1168422
1177914
897662
951844
968697
969755
970083
977043
977572
977860
978056
980892
981634
982783
987899
988281
991173
998106
CVE-2008-1483
CVE-2009-1886
CVE-2009-1888
CVE-2009-2813
CVE-2009-2906
CVE-2009-2948
CVE-2010-0547
CVE-2010-0728
CVE-2010-0787
CVE-2012-1586
CVE-2012-2737
CVE-2012-4502
CVE-2012-4503
CVE-2014-0021
CVE-2016-10200
CVE-2016-1549
CVE-2016-1567
CVE-2016-2117
CVE-2016-9191
CVE-2017-1000445
CVE-2017-1000476
CVE-2017-11449
CVE-2017-11751
CVE-2017-12430
CVE-2017-12642
CVE-2017-14249
CVE-2017-15906
CVE-2017-17680
CVE-2017-17882
CVE-2017-2596
CVE-2017-2616
CVE-2017-2671
CVE-2017-6074
CVE-2017-6214
CVE-2017-6345
CVE-2017-6346
CVE-2017-6347
CVE-2017-6353
CVE-2017-7187
CVE-2017-7261
CVE-2017-7294
CVE-2017-7308
CVE-2017-7374
CVE-2017-9409
CVE-2018-14633
CVE-2018-16864
CVE-2018-16865
CVE-2018-16866
CVE-2018-17182
CVE-2018-7170
CVE-2018-7182
CVE-2018-7183
CVE-2018-7184
CVE-2018-7185
CVE-2019-12749
CVE-2020-10531
CVE-2020-15999
CVE-2020-3898
SUSE-SU-2017:0554-1
SUSE-SU-2017:1183-1
SUSE-SU-2017:1577-1
SUSE-SU-2017:3230-1
SUSE-SU-2018:0055-1
SUSE-SU-2018:1765-1
SUSE-SU-2018:2902-1
SUSE-SU-2019:0135-1
SUSE-SU-2019:1591-1
SUSE-SU-2020:1180-1
SUSE-SU-2020:2998-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND hyper-v-7-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gpg2-2.2.5-lp151.6.3 is installed
  • OR gpg2-lang-2.2.5-lp151.6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • openssh-7.2p2-74.11 is installed
  • OR openssh-askpass-gnome-7.2p2-74.11 is installed
  • OR openssh-fips-7.2p2-74.11 is installed
  • OR openssh-helpers-7.2p2-74.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dbus-1-1.8.22-24.19 is installed
  • OR dbus-1-x11-1.8.22-24.19 is installed
  • OR libdbus-1-3-1.8.22-24.19 is installed
  • OR libdbus-1-3-32bit-1.8.22-24.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • perl-5.18.2-12.20 is installed
  • OR perl-32bit-5.18.2-12.20 is installed
  • OR perl-base-5.18.2-12.20 is installed
  • OR perl-doc-5.18.2-12.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed
  • OR openssl-1.0.2j-60.46 is installed
  • OR openssl-doc-1.0.2j-60.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libltdl7-2.4.2-17.4 is installed
  • OR libltdl7-32bit-2.4.2-17.4 is installed
  • OR libtool-2.4.2-17.4 is installed
  • OR libtool-32bit-2.4.2-17.4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ntp-4.2.8p15-88 is installed
  • OR ntp-doc-4.2.8p15-88 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • crowbar-core-6.0+git.1582892022.cbd70e833-3.19 is installed
  • OR crowbar-core-branding-upstream-6.0+git.1582892022.cbd70e833-3.19 is installed
  • OR crowbar-ha-6.0+git.1574286261.6fd1a34-3.13 is installed
  • OR crowbar-openstack-6.0+git.1580922461.67fb3c087-3.19 is installed
  • OR crowbar-ui-1.3.0+git.1575896697.a01a3a08-17 is installed
  • OR keepalived-2.0.19-3.3 is installed
  • OR openstack-barbican-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-api-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-keystone-listener-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-retry-7.0.1~dev24-3.6 is installed
  • OR openstack-barbican-worker-7.0.1~dev24-3.6 is installed
  • OR openstack-ceilometer-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-central-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-compute-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-ipmi-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-agent-notification-11.0.2~dev21-3.10 is installed
  • OR openstack-ceilometer-polling-11.0.2~dev21-3.10 is installed
  • OR openstack-cinder-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-api-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-backup-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-scheduler-13.0.9~dev11-3.16 is installed
  • OR openstack-cinder-volume-13.0.9~dev11-3.16 is installed
  • OR openstack-dashboard-14.1.1~dev1-3.12 is installed
  • OR openstack-dashboard-theme-SUSE-2018.2+git.1555335229.5c8dec9-3.3 is installed
  • OR openstack-designate-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-agent-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-api-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-central-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-producer-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-sink-7.0.1~dev23-3.13 is installed
  • OR openstack-designate-worker-7.0.1~dev23-3.13 is installed
  • OR openstack-heat-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-api-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-api-cfn-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-engine-11.0.3~dev31-3.13 is installed
  • OR openstack-heat-plugin-heat_docker-11.0.3~dev31-3.13 is installed
  • OR openstack-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed
  • OR openstack-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed
  • OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed
  • OR openstack-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed
  • OR openstack-ironic-11.1.4~dev22-3.13 is installed
  • OR openstack-ironic-api-11.1.4~dev22-3.13 is installed
  • OR openstack-ironic-conductor-11.1.4~dev22-3.13 is installed
  • OR openstack-ironic-python-agent-3.3.3~dev6-3.13 is installed
  • OR openstack-keystone-14.1.1~dev36-3.19 is installed
  • OR openstack-magnum-7.2.1~dev1-3.10 is installed
  • OR openstack-magnum-api-7.2.1~dev1-3.10 is installed
  • OR openstack-magnum-conductor-7.2.1~dev1-3.10 is installed
  • OR openstack-monasca-agent-2.8.1~dev13-3.6 is installed
  • OR openstack-neutron-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-dhcp-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-fwaas-13.0.3~dev4-3.9 is installed
  • OR openstack-neutron-gbp-5.0.1~dev491-3.16 is installed
  • OR openstack-neutron-ha-tool-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-l3-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-linuxbridge-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-macvtap-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-metadata-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-metering-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-openvswitch-agent-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-server-13.0.7~dev48-3.19 is installed
  • OR openstack-neutron-vpnaas-13.0.2~dev6-3.6 is installed
  • OR openstack-neutron-vyatta-agent-13.0.2~dev6-3.6 is installed
  • OR openstack-nova-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-api-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-cells-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-compute-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-conductor-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-console-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-novncproxy-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-placement-api-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-scheduler-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-serialproxy-18.2.4~dev63-3.19 is installed
  • OR openstack-nova-vncproxy-18.2.4~dev63-3.19 is installed
  • OR openstack-octavia-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-amphora-agent-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-amphora-image-0.1.2-7.6 is installed
  • OR openstack-octavia-amphora-image-x86_64-0.1.2-7.6 is installed
  • OR openstack-octavia-api-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-health-manager-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-housekeeping-3.2.2~dev8-3.19 is installed
  • OR openstack-octavia-worker-3.2.2~dev8-3.19 is installed
  • OR openstack-sahara-9.0.2~dev15-3.9 is installed
  • OR openstack-sahara-api-9.0.2~dev15-3.9 is installed
  • OR openstack-sahara-engine-9.0.2~dev15-3.9 is installed
  • OR openstack-swift-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-account-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-container-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-object-2.19.2~dev48-3.3 is installed
  • OR openstack-swift-proxy-2.19.2~dev48-3.3 is installed
  • OR python-amqp-2.4.2-4.3 is installed
  • OR python-barbican-7.0.1~dev24-3.6 is installed
  • OR python-ceilometer-11.0.2~dev21-3.10 is installed
  • OR python-cinder-13.0.9~dev11-3.16 is installed
  • OR python-designate-7.0.1~dev23-3.13 is installed
  • OR python-heat-11.0.3~dev31-3.13 is installed
  • OR python-horizon-14.1.1~dev1-3.12 is installed
  • OR python-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed
  • OR python-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed
  • OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed
  • OR python-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed
  • OR python-ironic-11.1.4~dev22-3.13 is installed
  • OR python-ironic-lib-2.14.2-3.3 is installed
  • OR python-keystone-14.1.1~dev36-3.19 is installed
  • OR python-keystoneauth1-3.10.1~dev10-3.3 is installed
  • OR python-keystoneclient-3.17.1~dev5-3.3 is installed
  • OR python-keystoneclient-doc-3.17.1~dev5-3.3 is installed
  • OR python-keystonemiddleware-5.2.2~dev3-14 is installed
  • OR python-magnum-7.2.1~dev1-3.10 is installed
  • OR python-monasca-agent-2.8.1~dev13-3.6 is installed
  • OR python-neutron-13.0.7~dev48-3.19 is installed
  • OR python-neutron-fwaas-13.0.3~dev4-3.9 is installed
  • OR python-neutron-gbp-5.0.1~dev491-3.16 is installed
  • OR python-neutron-vpnaas-13.0.2~dev6-3.6 is installed
  • OR python-nova-18.2.4~dev63-3.19 is installed
  • OR python-octavia-3.2.2~dev8-3.19 is installed
  • OR python-openstack_auth-14.1.1~dev1-3.12 is installed
  • OR python-ovs-2.9.0-3.3 is installed
  • OR python-sahara-9.0.2~dev15-3.9 is installed
  • OR python-swift-2.19.2~dev48-3.3 is installed
  • OR ruby2.1-rubygem-crowbar-client-3.9.1-3.3 is installed
  • OR ruby2.1-rubygem-puma-2.16.0-4.3 is installed
  • OR rubygem-crowbar-client-3.9.1-3.3 is installed
  • OR rubygem-puma-2.16.0-4.3 is installed
  • OR supportutils-plugin-suse-openstack-cloud-9.0.1574431436.987b47d-3.6 is installed
    • BACK