Oval Definition:	oval:org.opensuse.security:def:58914
Revision Date: 2021-03-03 Version: 1 Title: Security update for openldap2 (Important) Description: This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Family: unix Class: patch Status: Reference(s): 1040107 1040114 1045315 1049423 1052449 1052522 1055857 1059893 1069222 1069226 1082858 1083915 1103098 1111331 1112039 1120943 1122706 1140868 1146358 1146359 1160770 1171475 1171847 1172105 1172116 1172121 1173027 1174628 1177513 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419 1182420 CVE-2009-2911 CVE-2009-4273 CVE-2010-0411 CVE-2010-0412 CVE-2012-0862 CVE-2012-6706 CVE-2013-4143 CVE-2013-4342 CVE-2014-9654 CVE-2016-6328 CVE-2017-11423 CVE-2017-12596 CVE-2017-6419 CVE-2017-7544 CVE-2017-8816 CVE-2017-8817 CVE-2017-9110 CVE-2017-9114 CVE-2018-0202 CVE-2018-1000085 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-18386 CVE-2018-20030 CVE-2018-5391 CVE-2019-11091 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-3813 CVE-2019-8675 CVE-2019-8696 CVE-2019-9278 CVE-2019-9811 CVE-2020-0093 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-14344 CVE-2020-25645 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2020-8177 CVE-2021-27212 SUSE-SU-2018:0122-1 SUSE-SU-2018:0585-1 SUSE-SU-2018:0809-1 SUSE-SU-2019:1296-1 SUSE-SU-2019:1861-1 SUSE-SU-2019:3057-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1732-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libvirt-client-4.0.0-lp150.6 is installed OR libvirt-daemon-4.0.0-lp150.6 is installed OR libvirt-daemon-config-network-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-interface-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-network-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-nodedev-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-nwfilter-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-qemu-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-secret-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-core-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-disk-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-iscsi-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-logical-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-mpath-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-rbd-4.0.0-lp150.6 is installed OR libvirt-daemon-driver-storage-scsi-4.0.0-lp150.6 is installed OR libvirt-daemon-qemu-4.0.0-lp150.6 is installed OR libvirt-libs-4.0.0-lp150.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libvirglrenderer0-0.6.0-lp151.4.3 is installed OR virglrenderer-0.6.0-lp151.4.3 is installed OR virglrenderer-devel-0.6.0-lp151.4.3 is installed OR virglrenderer-test-server-0.6.0-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libIlmImf-Imf_2_1-21-2.1.0-6.3 is installed OR openexr-2.1.0-6.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information curl-7.37.0-37.47 is installed OR libcurl4-7.37.0-37.47 is installed OR libcurl4-32bit-7.37.0-37.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20190514-13.44 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libicu-doc-52.1-7 is installed OR libicu52_1-52.1-7 is installed OR libicu52_1-32bit-52.1-7 is installed OR libicu52_1-data-52.1-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libldap-2_4-2-2.4.41-18.83.1 is installed OR libldap-2_4-2-32bit-2.4.41-18.83.1 is installed OR openldap2-2.4.41-18.83.1 is installed OR openldap2-back-meta-2.4.41-18.83.1 is installed OR openldap2-client-2.4.41-18.83.1 is installed OR openldap2-doc-2.4.41-18.83.1 is installed OR openldap2-ppolicy-check-password-1.2-18.83.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed
BACK