OVAL Reference oval:org.opensuse.security:def:58803

Oval Definition:

oval:org.opensuse.security:def:58803

Revision Date:	2021-08-17	Version:	1
Title:	Security update for spice-vdagent (Moderate)
Description:	This update for spice-vdagent fixes the following issues: - CVE-2020-25650: memory DoS via arbitrary entries in `active_xfers` hash table (bsc#1177780) - CVE-2020-25651: possible file transfer DoS and information leak via `active_xfers` hash map (bsc#1177781) - CVE-2020-25652: possibility to exhaust file descriptors in `vdagentd` (bsc#1177782) - CVE-2020-25653: UNIX domain socket peer PID retrieved via `SO_PEERCRED` is subject to race condition (bsc#1177783)
Family:	unix	Class:	patch
Status:		Reference(s):	1005023 1023415 1036304 1045735 1049825 1057662 1059061 1070130 1070851 1072887 1073935 1073973 1076119 1076192 1076500 1076696 1079334 1081725 1083926 1083927 1088705 1090638 1091624 1092413 1096803 1099847 1100028 1101349 1101591 1102429 1103098 1112039 1114981 1115518 1119947 1119971 1120323 1144903 1145092 1153108 1153158 1153161 1165787 1177780 1177781 1177782 1177783 1177943 987170 CVE-2011-1521 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2012-2944 CVE-2012-4453 CVE-2013-1752 CVE-2013-1753 CVE-2013-4238 CVE-2014-0004 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185 CVE-2016-0772 CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699 CVE-2016-8637 CVE-2017-17833 CVE-2017-3144 CVE-2017-9269 CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 CVE-2018-16884 CVE-2018-18386 CVE-2018-5391 CVE-2018-5729 CVE-2018-5730 CVE-2018-5748 CVE-2018-7685 CVE-2019-10208 CVE-2019-10220 CVE-2019-17133 CVE-2020-10188 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 SUSE-SU-2018:0385-1 SUSE-SU-2018:0532-1 SUSE-SU-2018:0846-1 SUSE-SU-2018:2716-1 SUSE-SU-2018:2991-1 SUSE-SU-2019:0135-1 SUSE-SU-2019:2159-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:3310-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libavcodec57-3.4.2-lp150.2 is installed OR libavdevice57-3.4.2-lp150.2 is installed OR libavfilter6-3.4.2-lp150.2 is installed OR libavformat57-3.4.2-lp150.2 is installed OR libavresample3-3.4.2-lp150.2 is installed OR libavutil55-3.4.2-lp150.2 is installed OR libpostproc54-3.4.2-lp150.2 is installed OR libswresample2-3.4.2-lp150.2 is installed OR libswscale4-3.4.2-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information dia-0.97.3-lp151.4.3 is installed OR dia-lang-0.97.3-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libvirt-2.0.0-27.29 is installed OR libvirt-client-2.0.0-27.29 is installed OR libvirt-daemon-2.0.0-27.29 is installed OR libvirt-daemon-config-network-2.0.0-27.29 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.29 is installed OR libvirt-daemon-driver-interface-2.0.0-27.29 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.29 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.29 is installed OR libvirt-daemon-driver-network-2.0.0-27.29 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.29 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.29 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.29 is installed OR libvirt-daemon-driver-secret-2.0.0-27.29 is installed OR libvirt-daemon-driver-storage-2.0.0-27.29 is installed OR libvirt-daemon-lxc-2.0.0-27.29 is installed OR libvirt-daemon-qemu-2.0.0-27.29 is installed OR libvirt-daemon-xen-2.0.0-27.29 is installed OR libvirt-doc-2.0.0-27.29 is installed OR libvirt-lock-sanlock-2.0.0-27.29 is installed OR libvirt-nss-2.0.0-27.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-12-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dracut-044-113 is installed OR dracut-fips-044-113 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libfreebl3-3.53.1-58.48 is installed OR libfreebl3-32bit-3.53.1-58.48 is installed OR libfreebl3-hmac-3.53.1-58.48 is installed OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed OR libsoftokn3-3.53.1-58.48 is installed OR libsoftokn3-32bit-3.53.1-58.48 is installed OR libsoftokn3-hmac-3.53.1-58.48 is installed OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed OR mozilla-nspr-4.25-19.15 is installed OR mozilla-nspr-32bit-4.25-19.15 is installed OR mozilla-nss-3.53.1-58.48 is installed OR mozilla-nss-32bit-3.53.1-58.48 is installed OR mozilla-nss-certs-3.53.1-58.48 is installed OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed OR mozilla-nss-tools-3.53.1-58.48 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND spice-vdagent-0.16.0-8.8.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information ardana-ansible-8.0+git.1560208949.67048e3-3.64 is installed OR ardana-db-8.0+git.1564410318.f0cca2c-3.28 is installed OR ardana-freezer-8.0+git.1564164977.ef9baeb-3.18 is installed OR ardana-glance-8.0+git.1564491709.349d78e-3.14 is installed OR ardana-input-model-8.0+git.1562848601.c3daff0-3.30 is installed OR ardana-nova-8.0+git.1565388406.c6abb8d-3.32 is installed OR ardana-osconfig-8.0+git.1563383198.c7fd9b4-3.39 is installed OR ardana-swiftlm-drive-provision-8.0+git.1541434883.e0ebe69-5.9 is installed OR ardana-swiftlm-log-tailer-8.0+git.1541434883.e0ebe69-5.9 is installed OR ardana-swiftlm-uptime-mon-8.0+git.1541434883.e0ebe69-5.9 is installed OR ardana-tempest-8.0+git.1562849010.73bc517-3.24 is installed OR caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.15 is installed OR documentation-suse-openstack-cloud-installation-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-operations-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-opsconsole-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-planning-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-security-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-supplement-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-upstream-admin-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-upstream-user-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-user-8.20190805-1.20 is installed OR galera-python-clustercheck-0.0+git.1562242499.36b8b64-4.6 is installed OR grafana-monasca-ui-drilldown-1.8.1~dev39-3.9 is installed OR openstack-cinder-11.2.3~dev7-3.18 is installed OR openstack-cinder-api-11.2.3~dev7-3.18 is installed OR openstack-cinder-backup-11.2.3~dev7-3.18 is installed OR openstack-cinder-doc-11.2.3~dev7-3.18 is installed OR openstack-cinder-scheduler-11.2.3~dev7-3.18 is installed OR openstack-cinder-volume-11.2.3~dev7-3.18 is installed OR openstack-glance-15.0.3~dev2-3.9 is installed OR openstack-glance-api-15.0.3~dev2-3.9 is installed OR openstack-glance-doc-15.0.3~dev2-3.9 is installed OR openstack-glance-registry-15.0.3~dev2-3.9 is installed OR openstack-heat-9.0.8~dev11-3.21 is installed OR openstack-heat-api-9.0.8~dev11-3.21 is installed OR openstack-heat-api-cfn-9.0.8~dev11-3.21 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev11-3.21 is installed OR openstack-heat-doc-9.0.8~dev11-3.21 is installed OR openstack-heat-engine-9.0.8~dev11-3.21 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev11-3.21 is installed OR openstack-heat-test-9.0.8~dev11-3.21 is installed OR openstack-horizon-plugin-monasca-ui-1.8.1~dev39-3.9 is installed OR openstack-horizon-plugin-neutron-fwaas-ui-1.0.1~dev9-4.6 is installed OR openstack-ironic-9.1.8~dev7-3.21 is installed OR openstack-ironic-api-9.1.8~dev7-3.21 is installed OR openstack-ironic-conductor-9.1.8~dev7-3.21 is installed OR openstack-ironic-doc-9.1.8~dev7-3.21 is installed OR openstack-keystone-12.0.4~dev2-5.22 is installed OR openstack-keystone-doc-12.0.4~dev2-5.22 is installed OR openstack-manila-5.1.1~dev2-3.18 is installed OR openstack-manila-api-5.1.1~dev2-3.18 is installed OR openstack-manila-data-5.1.1~dev2-3.18 is installed OR openstack-manila-doc-5.1.1~dev2-3.18 is installed OR openstack-manila-scheduler-5.1.1~dev2-3.18 is installed OR openstack-manila-share-5.1.1~dev2-3.18 is installed OR openstack-monasca-agent-2.2.5~dev5-3.12 is installed OR openstack-monasca-api-2.2.2~dev1-3.15 is installed OR openstack-monasca-persister-1.7.1~dev10-3.9 is installed OR openstack-monasca-persister-java-1.7.1~a0~dev2-3.3 is installed OR openstack-murano-4.0.2~dev2-3.9 is installed OR openstack-murano-api-4.0.2~dev2-3.9 is installed OR openstack-murano-doc-4.0.2~dev2-3.9 is installed OR openstack-murano-engine-4.0.2~dev2-3.9 is installed OR openstack-neutron-11.0.9~dev42-3.21 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-doc-11.0.9~dev42-3.21 is installed OR openstack-neutron-gbp-7.3.1~dev45-3.6 is installed OR openstack-neutron-ha-tool-11.0.9~dev42-3.21 is installed OR openstack-neutron-l3-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-lbaas-11.0.4~dev6-3.12 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.12 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.12 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-metadata-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-metering-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-server-11.0.9~dev42-3.21 is installed OR openstack-nova-16.1.9~dev4-3.26 is installed OR openstack-nova-api-16.1.9~dev4-3.26 is installed OR openstack-nova-cells-16.1.9~dev4-3.26 is installed OR openstack-nova-compute-16.1.9~dev4-3.26 is installed OR openstack-nova-conductor-16.1.9~dev4-3.26 is installed OR openstack-nova-console-16.1.9~dev4-3.26 is installed OR openstack-nova-consoleauth-16.1.9~dev4-3.26 is installed OR openstack-nova-doc-16.1.9~dev4-3.26 is installed OR openstack-nova-novncproxy-16.1.9~dev4-3.26 is installed OR openstack-nova-placement-api-16.1.9~dev4-3.26 is installed OR openstack-nova-scheduler-16.1.9~dev4-3.26 is installed OR openstack-nova-serialproxy-16.1.9~dev4-3.26 is installed OR openstack-nova-vncproxy-16.1.9~dev4-3.26 is installed OR openstack-octavia-1.0.6~dev2-4.18 is installed OR openstack-octavia-amphora-agent-1.0.6~dev2-4.18 is installed OR openstack-octavia-api-1.0.6~dev2-4.18 is installed OR openstack-octavia-health-manager-1.0.6~dev2-4.18 is installed OR openstack-octavia-housekeeping-1.0.6~dev2-4.18 is installed OR openstack-octavia-worker-1.0.6~dev2-4.18 is installed OR python-Beaver-8.0+git.1502900605.3e0068a-4.3 is installed OR python-cinder-11.2.3~dev7-3.18 is installed OR python-glance-15.0.3~dev2-3.9 is installed OR python-heat-9.0.8~dev11-3.21 is installed OR python-horizon-plugin-monasca-ui-1.8.1~dev39-3.9 is installed OR python-horizon-plugin-neutron-fwaas-ui-1.0.1~dev9-4.6 is installed OR python-ironic-9.1.8~dev7-3.21 is installed OR python-keystone-12.0.4~dev2-5.22 is installed OR python-manila-5.1.1~dev2-3.18 is installed OR python-monasca-agent-2.2.5~dev5-3.12 is installed OR python-monasca-api-2.2.2~dev1-3.15 is installed OR python-monasca-persister-1.7.1~dev10-3.9 is installed OR python-murano-4.0.2~dev2-3.9 is installed OR python-neutron-11.0.9~dev42-3.21 is installed OR python-neutron-gbp-7.3.1~dev45-3.6 is installed OR python-neutron-lbaas-11.0.4~dev6-3.12 is installed OR python-nova-16.1.9~dev4-3.26 is installed OR python-octavia-1.0.6~dev2-4.18 is installed OR python-oslo.db-4.25.2-3.6 is installed OR python-osprofiler-1.11.1-3.3 is installed OR python-swiftlm-8.0+git.1541434883.e0ebe69-5.9 is installed OR venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.18 is installed OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.18 is installed OR venv-openstack-monasca-2.2.2~dev1-11.16 is installed OR venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.14 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.14 is installed OR venv-openstack-monasca-x86_64-2.2.2~dev1-11.16 is installed OR venv-openstack-murano-4.0.2~dev2-12.14 is installed OR venv-openstack-murano-x86_64-4.0.2~dev2-12.14 is installed OR venv-openstack-neutron-11.0.9~dev42-13.22 is installed OR venv-openstack-neutron-x86_64-11.0.9~dev42-13.22 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-requests-2.20.1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-68.8.0-109.119 is installed OR MozillaFirefox-translations-common-68.8.0-109.119 is installed

BACK