Oval Definition:	oval:org.opensuse.security:def:59011
Revision Date: 2020-12-01 Version: 1 Title: Security update for hostinfo, supportutils (Important) Description: This update for hostinfo, supportutils fixes the following issues: Security issues fixed for supportutils: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes (bsc#1118463). - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files (bsc#1118460). - CVE-2018-19639: Fixed a code execution if run with -v (bsc#1118462). - CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files (bsc#1117776). - CVE-2018-19636: Fixed a local root exploit via inclusion of attacker controlled shell script (bsc#1117751). Other issues fixed for supportutils: - Fixed invalid exit code commands (bsc#1125666) - SUSE separation in supportconfig (bsc#1125623) - Clarified supportconfig(8) -x option (bsc#1115245) - supportconfig: 3.0.127 - btrfs filesystem usage - List products.d - Dump lsof errors - Added ha commands for corosync - Dumped find errors in ib_info Issues fixed in hostinfo: - Removed extra kernel install dates (bsc#1099498) - Resolved network bond issue (bsc#1054979) Family: unix Class: patch Status: Reference(s): 1010399 1010405 1010406 1010408 1010409 1010421 1010423 1010424 1010425 1010426 1025108 1043008 1047281 1054979 1074235 1091041 1092611 1099498 1102682 1107832 1112852 1114674 1115245 1117751 1117776 1118460 1118462 1118463 1118987 1119461 1119465 1119947 1120374 1124729 1124734 1125623 1125666 1128378 1131107 1137443 1137990 1138190 1139083 1144903 1146544 1146612 1149429 1150466 1150483 1152631 1153108 1153158 1153161 1153811 1154738 1154905 1155689 1155897 1155898 1156187 1157038 1157042 1157070 1157143 1157158 1157191 1157324 1157333 1157464 1158132 1158328 1158394 1158398 1158410 1158413 1158417 1158445 1158823 1158824 1158827 1158834 1158900 1158903 1158904 1158954 1162197 1162200 1169511 1172798 1172846 1173972 1174753 1174817 1175168 959933 983922 CVE-2014-2653 CVE-2014-3540 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-8325 CVE-2016-0777 CVE-2016-0778 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-1908 CVE-2016-2830 CVE-2016-3115 CVE-2016-5289 CVE-2016-5292 CVE-2016-6210 CVE-2016-6515 CVE-2016-8858 CVE-2016-9063 CVE-2016-9067 CVE-2016-9068 CVE-2016-9069 CVE-2016-9071 CVE-2016-9073 CVE-2016-9075 CVE-2016-9076 CVE-2016-9077 CVE-2017-7789 CVE-2018-11805 CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-14633 CVE-2018-16884 CVE-2018-18311 CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639 CVE-2018-19640 CVE-2018-5150 CVE-2018-5151 CVE-2018-5152 CVE-2018-5153 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5160 CVE-2018-5163 CVE-2018-5164 CVE-2018-5165 CVE-2018-5166 CVE-2018-5167 CVE-2018-5168 CVE-2018-5169 CVE-2018-5172 CVE-2018-5173 CVE-2018-5174 CVE-2018-5175 CVE-2018-5176 CVE-2018-5177 CVE-2018-5178 CVE-2018-5179 CVE-2018-5180 CVE-2018-5181 CVE-2018-5182 CVE-2018-5183 CVE-2018-5390 CVE-2019-10220 CVE-2019-11745 CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-12735 CVE-2019-12900 CVE-2019-13722 CVE-2019-14895 CVE-2019-15213 CVE-2019-15903 CVE-2019-16231 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17133 CVE-2019-18660 CVE-2019-18680 CVE-2019-18683 CVE-2019-18805 CVE-2019-19052 CVE-2019-19062 CVE-2019-19065 CVE-2019-19073 CVE-2019-19074 CVE-2019-19332 CVE-2019-19338 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-13844 CVE-2020-1930 CVE-2020-1931 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 SUSE-SU-2018:3749-1 SUSE-SU-2019:1122-1 SUSE-SU-2019:1456-1 SUSE-SU-2019:2264-1 SUSE-SU-2019:2872-1 SUSE-SU-2019:3347-1 SUSE-SU-2019:3379-1 SUSE-SU-2020:0810-1 SUSE-SU-2020:1571-1 SUSE-SU-2020:3263-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information qemu-2.11.2-lp150.7.15 is installed OR qemu-arm-2.11.2-lp150.7.15 is installed OR qemu-block-curl-2.11.2-lp150.7.15 is installed OR qemu-block-dmg-2.11.2-lp150.7.15 is installed OR qemu-block-gluster-2.11.2-lp150.7.15 is installed OR qemu-block-iscsi-2.11.2-lp150.7.15 is installed OR qemu-block-rbd-2.11.2-lp150.7.15 is installed OR qemu-block-ssh-2.11.2-lp150.7.15 is installed OR qemu-extra-2.11.2-lp150.7.15 is installed OR qemu-guest-agent-2.11.2-lp150.7.15 is installed OR qemu-ipxe-1.0.0+-lp150.7.15 is installed OR qemu-ksm-2.11.2-lp150.7.15 is installed OR qemu-kvm-2.11.2-lp150.7.15 is installed OR qemu-lang-2.11.2-lp150.7.15 is installed OR qemu-linux-user-2.11.2-lp150.7.15 is installed OR qemu-ppc-2.11.2-lp150.7.15 is installed OR qemu-s390-2.11.2-lp150.7.15 is installed OR qemu-seabios-1.11.0-lp150.7.15 is installed OR qemu-sgabios-8-lp150.7.15 is installed OR qemu-testsuite-2.11.2-lp150.7.15 is installed OR qemu-tools-2.11.2-lp150.7.15 is installed OR qemu-vgabios-1.11.0-lp150.7.15 is installed OR qemu-x86-2.11.2-lp150.7.15 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libzmq5-4.2.3-lp151.5.3 is installed OR zeromq-4.2.3-lp151.5.3 is installed OR zeromq-devel-4.2.3-lp151.5.3 is installed OR zeromq-tools-4.2.3-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.3.0-109.50 is installed OR MozillaFirefox-devel-60.3.0-109.50 is installed OR MozillaFirefox-translations-common-60.3.0-109.50 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information hostinfo-1.0.1-19.5 is installed OR supportutils-3.0-95.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython3_4m1_0-3.4.6-25.16 is installed OR python3-3.4.6-25.16 is installed OR python3-base-3.4.6-25.16 is installed OR python3-curses-3.4.6-25.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-cryptography-2.0.3-3.3 is installed
BACK