Oval Definition:	oval:org.opensuse.security:def:58807
Revision Date: 2021-08-24 Version: 1 Title: Security update for python-PyYAML (Important) Description: This update for python-PyYAML fixes the following issues: - Update to 5.3.1. - CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. Family: unix Class: patch Status: Reference(s): 1012382 1023175 1032138 1032230 1040643 1042286 1042948 1043983 1048072 1049373 1050879 1050887 1050888 1050889 1050891 1051184 1051412 1052252 1052771 1055265 1056286 1056782 1058082 1058754 1058755 1058757 1062452 1062604 1064232 1065364 1065600 1065726 1069607 1069632 1070805 1072902 1073002 1074122 1074425 1074610 1078782 1078808 1079869 1080042 1082007 1082008 1082009 1082010 1082011 1082014 1082041 1082058 1082519 1082863 1083625 1084536 1084721 1085042 1086095 1086535 1087433 1087434 1087436 1087437 1087440 1087441 1088810 1089066 1091158 1091171 1091197 1091396 1092903 1094466 1094825 1095344 1096547 1097104 1098996 1099523 1099597 1099811 1099813 1099844 1099845 1099846 1099849 1099863 1099864 1099922 1099993 1099999 1100000 1100001 1100105 1100152 1101555 1102517 1102715 1102870 1103445 1103624 1104319 1104495 1104668 1104731 1105010 1105025 1105292 1105296 1105322 1105348 1105396 1105536 1105931 1106016 1106095 1106293 1106369 1106509 1106511 1106512 1106594 1107256 1107299 1107385 1107689 1107735 1107866 1107966 1108145 1108239 1108399 1108498 1109330 1109333 1110286 1110837 1111062 1112530 1112532 1113192 1113751 1113769 1114190 1114592 1114648 1114763 1115433 1115440 1116027 1116183 1116345 1117186 1117187 1118152 1118319 1119714 1119946 1119947 1120743 1120758 1121621 1122293 1122299 1122706 1123161 1130611 1130617 1130620 1130622 1130623 1130627 1132728 1132729 1132732 1134297 1135254 1141897 1142649 1142654 1144903 1148517 1149145 1152990 1152992 1152994 1152995 1153108 1153158 1153161 1171517 1172275 1174514 964336 CVE-2010-2242 CVE-2011-1146 CVE-2011-2511 CVE-2011-4600 CVE-2012-0037 CVE-2012-3445 CVE-2013-0170 CVE-2013-1962 CVE-2013-2218 CVE-2013-2230 CVE-2013-4153 CVE-2013-4154 CVE-2013-4239 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-6436 CVE-2013-6456 CVE-2013-6457 CVE-2013-6458 CVE-2014-0028 CVE-2014-0172 CVE-2014-0179 CVE-2014-1447 CVE-2014-3633 CVE-2014-3657 CVE-2014-7823 CVE-2014-8131 CVE-2014-9447 CVE-2015-0236 CVE-2015-5247 CVE-2015-5313 CVE-2015-9096 CVE-2016-0705 CVE-2016-10163 CVE-2016-10214 CVE-2016-10219 CVE-2016-10317 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-1000445 CVE-2017-1000476 CVE-2017-10784 CVE-2017-11449 CVE-2017-11714 CVE-2017-11751 CVE-2017-12430 CVE-2017-12642 CVE-2017-14033 CVE-2017-14064 CVE-2017-14249 CVE-2017-17405 CVE-2017-17680 CVE-2017-17742 CVE-2017-17790 CVE-2017-17882 CVE-2017-2635 CVE-2017-3732 CVE-2017-3736 CVE-2017-5580 CVE-2017-5715 CVE-2017-5937 CVE-2017-5956 CVE-2017-5957 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355 CVE-2017-6386 CVE-2017-9216 CVE-2017-9228 CVE-2017-9229 CVE-2017-9409 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-1064 CVE-2018-10853 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880 CVE-2018-10881 CVE-2018-10882 CVE-2018-10883 CVE-2018-10902 CVE-2018-10938 CVE-2018-10940 CVE-2018-11212 CVE-2018-12539 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-14617 CVE-2018-14678 CVE-2018-1517 CVE-2018-15473 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276 CVE-2018-16395 CVE-2018-16396 CVE-2018-1656 CVE-2018-16658 CVE-2018-16862 CVE-2018-16884 CVE-2018-17182 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-2940 CVE-2018-2952 CVE-2018-2964 CVE-2018-2973 CVE-2018-6554 CVE-2018-6555 CVE-2018-6764 CVE-2018-6914 CVE-2018-7480 CVE-2018-7757 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2018-9363 CVE-2018-9516 CVE-2018-9568 CVE-2019-10220 CVE-2019-14250 CVE-2019-15845 CVE-2019-15847 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-17133 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-3459 CVE-2019-3460 CVE-2019-3813 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2020-10663 CVE-2020-14343 SUSE-SU-2018:0055-1 SUSE-SU-2018:0407-1 SUSE-SU-2018:0861-1 SUSE-SU-2018:2839-1 SUSE-SU-2018:3084-1 SUSE-SU-2019:0230-1 SUSE-SU-2019:1392-1 SUSE-SU-2020:0394-1 SUSE-SU-2020:1570-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libcares2-1.14.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libgcrypt-1.8.2-lp151.9.7 is installed OR libgcrypt-cavs-1.8.2-lp151.9.7 is installed OR libgcrypt-devel-1.8.2-lp151.9.7 is installed OR libgcrypt-devel-32bit-1.8.2-lp151.9.7 is installed OR libgcrypt20-1.8.2-lp151.9.7 is installed OR libgcrypt20-32bit-1.8.2-lp151.9.7 is installed OR libgcrypt20-hmac-1.8.2-lp151.9.7 is installed OR libgcrypt20-hmac-32bit-1.8.2-lp151.9.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information ghostscript-9.15-23.7 is installed OR ghostscript-x11-9.15-23.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libspice-server1-0.12.7-10.6 is installed OR spice-0.12.7-10.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.30 is installed OR openssh-askpass-gnome-7.2p2-74.30 is installed OR openssh-fips-7.2p2-74.30 is installed OR openssh-helpers-7.2p2-74.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libasm1-32bit-0.158-6 is installed OR libdw1-0.158-6 is installed OR libdw1-32bit-0.158-6 is installed OR libebl1-0.158-6 is installed OR libebl1-32bit-0.158-6 is installed OR libelf1-0.158-6 is installed OR libelf1-32bit-0.158-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information bind-9.9.9P1-63.17 is installed OR bind-chrootenv-9.9.9P1-63.17 is installed OR bind-doc-9.9.9P1-63.17 is installed OR bind-libs-9.9.9P1-63.17 is installed OR bind-libs-32bit-9.9.9P1-63.17 is installed OR bind-utils-9.9.9P1-63.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND gdb-8.3.1-2.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20191112a-13.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information python-PyYAML-5.3.1-28.6.1 is installed OR python3-PyYAML-5.3.1-28.6.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.23-3.9 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information python-PyYAML-5.1.2-26.12 is installed OR python3-PyYAML-5.1.2-26.12 is installed
BACK