Oval Definition:	oval:org.opensuse.security:def:59137
Revision Date: 2020-12-01 Version: 1 Title: Security update for clamav (Moderate) Description: This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504). - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458). Non-security issues fixed: - Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504). - Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839). Family: unix Class: patch Status: Reference(s): 1009254 1071853 1072947 1077717 1078662 1080740 1084300 1086774 1086775 1086813 1086814 1086817 1086820 1093536 1094462 1107874 1109845 1112758 1122293 1122299 1131886 1132728 1132729 1132732 1133135 1144504 1145092 1149458 1151839 1154212 1158442 1159646 1160895 1160912 1162388 1170603 1172437 1174633 1174635 1174638 1174955 1176733 1177155 CVE-2014-0011 CVE-2014-8240 CVE-2015-0255 CVE-2017-15710 CVE-2017-15715 CVE-2018-10811 CVE-2018-11212 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-16151 CVE-2018-16152 CVE-2018-16839 CVE-2018-17540 CVE-2018-3639 CVE-2018-5388 CVE-2018-7738 CVE-2019-10208 CVE-2019-12625 CVE-2019-12900 CVE-2019-17571 CVE-2019-18901 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2020-10757 CVE-2020-12268 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-15708 CVE-2020-25637 CVE-2020-2574 CVE-2020-26117 SUSE-SU-2018:1161-2 SUSE-SU-2019:0390-1 SUSE-SU-2019:2159-1 SUSE-SU-2019:3066-1 SUSE-SU-2019:3266-1 SUSE-SU-2020:0051-1 SUSE-SU-2020:0054-1 SUSE-SU-2020:0527-1 SUSE-SU-2020:1212-1 SUSE-SU-2020:2331-1 SUSE-SU-2020:2898-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND hardlink-1.0+git.e66999f-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND putty-0.73-lp151.3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.18 is installed OR apache2-doc-2.4.23-29.18 is installed OR apache2-example-pages-2.4.23-29.18 is installed OR apache2-prefork-2.4.23-29.18 is installed OR apache2-utils-2.4.23-29.18 is installed OR apache2-worker-2.4.23-29.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-27.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXvnc1-1.6.0-18.11 is installed OR tigervnc-1.6.0-18.11 is installed OR xorg-x11-Xvnc-1.6.0-18.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69 is installed
BACK