OVAL Reference oval:org.opensuse.security:def:59191

Oval Definition:

oval:org.opensuse.security:def:59191

Revision Date:	2020-12-01	Version:	1
Title:	Security update for sssd (Moderate)
Description:	This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users (bsc#1098377) These non-security issues were fixed: - Fix a segmentation fault in sss_cache command. (bsc#1072728) - Fix a failure in autofs initialisation sequence upon system boot. (bsc#1010700) - Fix race condition on boot between SSSD and autofs. (bsc#1010700) - Fix a bug where file descriptors were not closed (bsc#1080156) - Fix an issue where sssd logs were not rotated properly (bsc#1080156) - Remove whitespaces from netgroup entries (bsc#1087320) - Remove misleading log messages (bsc#1101877) - exit() the forked process if exec()-ing a child process fails (bsc#1110299) - Do not schedule the machine renewal task if adcli is not executable (bsc#1110299)
Family:	unix	Class:	patch
Status:		Reference(s):	1010700 1072728 1080156 1082828 1084362 1087320 1098377 1101877 1102151 1109160 1109663 1109847 1110299 1118277 1118367 1118368 1120767 1137825 1138459 1139083 1160467 1160468 1164860 1165787 1168404 1168407 1169066 1171740 1174117 1178512 CVE-2007-5970 CVE-2008-7247 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-5298 CVE-2012-5615 CVE-2013-1571 CVE-2013-1976 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-2494 CVE-2014-3470 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-8964 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-3152 CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4913 CVE-2015-5969 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0651 CVE-2016-0655 CVE-2016-0666 CVE-2016-0668 CVE-2016-2047 CVE-2016-3477 CVE-2016-3492 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6662 CVE-2016-6663 CVE-2016-6664 CVE-2016-7440 CVE-2016-8283 CVE-2017-15130 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3302 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 CVE-2018-1000802 CVE-2018-1000872 CVE-2018-10852 CVE-2018-14432 CVE-2018-14647 CVE-2018-19788 CVE-2018-5741 CVE-2019-10160 CVE-2019-12387 CVE-2019-12900 CVE-2019-14896 CVE-2019-14897 CVE-2020-10188 CVE-2020-13935 CVE-2020-1927 CVE-2020-1934 CVE-2020-1935 CVE-2020-1938 CVE-2020-28196 CVE-2020-8616 CVE-2020-8617 SUSE-SU-2018:2632-2 SUSE-SU-2018:2761-1 SUSE-SU-2019:0019-1 SUSE-SU-2019:0081-1 SUSE-SU-2019:0391-1 SUSE-SU-2019:2053-2 SUSE-SU-2019:2066-1 SUSE-SU-2020:1272-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:2611-1 SUSE-SU-2020:3379-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libarchive13-3.3.2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libncurses5-6.1-lp151.6.3 is installed OR libncurses5-32bit-6.1-lp151.6.3 is installed OR libncurses6-6.1-lp151.6.3 is installed OR libncurses6-32bit-6.1-lp151.6.3 is installed OR ncurses-6.1-lp151.6.3 is installed OR ncurses-devel-6.1-lp151.6.3 is installed OR ncurses-devel-32bit-6.1-lp151.6.3 is installed OR ncurses-utils-6.1-lp151.6.3 is installed OR ncurses5-devel-6.1-lp151.6.3 is installed OR ncurses5-devel-32bit-6.1-lp151.6.3 is installed OR tack-6.1-lp151.6.3 is installed OR terminfo-6.1-lp151.6.3 is installed OR terminfo-base-6.1-lp151.6.3 is installed OR terminfo-iterm-6.1-lp151.6.3 is installed OR terminfo-screen-6.1-lp151.6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libipa_hbac0-1.13.4-34.23 is installed OR libsss_idmap0-1.13.4-34.23 is installed OR libsss_sudo-1.13.4-34.23 is installed OR python-sssd-config-1.13.4-34.23 is installed OR sssd-1.13.4-34.23 is installed OR sssd-32bit-1.13.4-34.23 is installed OR sssd-ad-1.13.4-34.23 is installed OR sssd-ipa-1.13.4-34.23 is installed OR sssd-krb5-1.13.4-34.23 is installed OR sssd-krb5-common-1.13.4-34.23 is installed OR sssd-ldap-1.13.4-34.23 is installed OR sssd-proxy-1.13.4-34.23 is installed OR sssd-tools-1.13.4-34.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information qemu-2.9.1-6.44 is installed OR qemu-arm-2.9.1-6.44 is installed OR qemu-block-curl-2.9.1-6.44 is installed OR qemu-block-iscsi-2.9.1-6.44 is installed OR qemu-block-rbd-2.9.1-6.44 is installed OR qemu-block-ssh-2.9.1-6.44 is installed OR qemu-guest-agent-2.9.1-6.44 is installed OR qemu-ipxe-1.0.0+-6.44 is installed OR qemu-kvm-2.9.1-6.44 is installed OR qemu-lang-2.9.1-6.44 is installed OR qemu-seabios-1.10.2-6.44 is installed OR qemu-sgabios-8-6.44 is installed OR qemu-tools-2.9.1-6.44 is installed OR qemu-vgabios-1.10.2-6.44 is installed OR qemu-x86-2.9.1-6.44 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.27 is installed OR apache2-doc-2.4.23-29.27 is installed OR apache2-example-pages-2.4.23-29.27 is installed OR apache2-prefork-2.4.23-29.27 is installed OR apache2-utils-2.4.23-29.27 is installed OR apache2-worker-2.4.23-29.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-PyKMIP-0.6.0-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Django1-1.11.20-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information openstack-aodh-5.1.1~dev5-3.5 is installed OR openstack-aodh-api-5.1.1~dev5-3.5 is installed OR openstack-aodh-doc-5.1.1~dev5-3.5 is installed OR openstack-aodh-evaluator-5.1.1~dev5-3.5 is installed OR openstack-aodh-expirer-5.1.1~dev5-3.5 is installed OR openstack-aodh-listener-5.1.1~dev5-3.5 is installed OR openstack-aodh-notifier-5.1.1~dev5-3.5 is installed OR openstack-barbican-5.0.1~dev11-3.8 is installed OR openstack-barbican-api-5.0.1~dev11-3.8 is installed OR openstack-barbican-doc-5.0.1~dev11-3.8 is installed OR openstack-barbican-keystone-listener-5.0.1~dev11-3.8 is installed OR openstack-barbican-retry-5.0.1~dev11-3.8 is installed OR openstack-barbican-worker-5.0.1~dev11-3.8 is installed OR openstack-cinder-11.1.2~dev14-3.6 is installed OR openstack-cinder-api-11.1.2~dev14-3.6 is installed OR openstack-cinder-backup-11.1.2~dev14-3.6 is installed OR openstack-cinder-doc-11.1.2~dev14-3.6 is installed OR openstack-cinder-scheduler-11.1.2~dev14-3.6 is installed OR openstack-cinder-volume-11.1.2~dev14-3.6 is installed OR openstack-dashboard-12.0.4~dev1-3.8 is installed OR openstack-designate-5.0.2~dev5-3.5 is installed OR openstack-designate-agent-5.0.2~dev5-3.5 is installed OR openstack-designate-api-5.0.2~dev5-3.5 is installed OR openstack-designate-central-5.0.2~dev5-3.5 is installed OR openstack-designate-doc-5.0.2~dev5-3.5 is installed OR openstack-designate-producer-5.0.2~dev5-3.5 is installed OR openstack-designate-sink-5.0.2~dev5-3.5 is installed OR openstack-designate-worker-5.0.2~dev5-3.5 is installed OR openstack-glance-15.0.2~dev4-3.3 is installed OR openstack-glance-api-15.0.2~dev4-3.3 is installed OR openstack-glance-doc-15.0.2~dev4-3.3 is installed OR openstack-glance-registry-15.0.2~dev4-3.3 is installed OR openstack-heat-9.0.5~dev11-3.6 is installed OR openstack-heat-api-9.0.5~dev11-3.6 is installed OR openstack-heat-api-cfn-9.0.5~dev11-3.6 is installed OR openstack-heat-api-cloudwatch-9.0.5~dev11-3.6 is installed OR openstack-heat-doc-9.0.5~dev11-3.6 is installed OR openstack-heat-engine-9.0.5~dev11-3.6 is installed OR openstack-heat-plugin-heat_docker-9.0.5~dev11-3.6 is installed OR openstack-heat-templates-0.0.0+git.1525957319.6b5a7cd-3.3 is installed OR openstack-heat-test-9.0.5~dev11-3.6 is installed OR openstack-horizon-plugin-designate-ui-5.0.2~dev5-3.3 is installed OR openstack-horizon-plugin-freezer-ui-5.0.1~dev6-3.3 is installed OR openstack-horizon-plugin-gbp-ui-5.0.1~dev21-4.3 is installed OR openstack-horizon-plugin-manila-ui-2.10.3~dev4-4.5 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-3.0.3~dev2-3.5 is installed OR openstack-horizon-plugin-trove-ui-9.0.1~dev7-3.3 is installed OR openstack-ironic-9.1.5~dev7-3.6 is installed OR openstack-ironic-api-9.1.5~dev7-3.6 is installed OR openstack-ironic-conductor-9.1.5~dev7-3.6 is installed OR openstack-ironic-doc-9.1.5~dev7-3.6 is installed OR openstack-keystone-12.0.1~dev19-5.8 is installed OR openstack-keystone-doc-12.0.1~dev19-5.8 is installed OR openstack-manila-5.0.2~dev55-3.6 is installed OR openstack-manila-api-5.0.2~dev55-3.6 is installed OR openstack-manila-data-5.0.2~dev55-3.6 is installed OR openstack-manila-doc-5.0.2~dev55-3.6 is installed OR openstack-manila-scheduler-5.0.2~dev55-3.6 is installed OR openstack-manila-share-5.0.2~dev55-3.6 is installed OR openstack-neutron-11.0.6~dev63-3.6 is installed OR openstack-neutron-dhcp-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-doc-11.0.6~dev63-3.6 is installed OR openstack-neutron-fwaas-11.0.2~dev7-3.5 is installed OR openstack-neutron-fwaas-doc-11.0.2~dev7-3.5 is installed OR openstack-neutron-ha-tool-11.0.6~dev63-3.6 is installed OR openstack-neutron-l3-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-lbaas-11.0.4~dev4-3.3 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev4-3.3 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev4-3.3 is installed OR openstack-neutron-linuxbridge-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-macvtap-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-metadata-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-metering-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-openvswitch-agent-11.0.6~dev63-3.6 is installed OR openstack-neutron-server-11.0.6~dev63-3.6 is installed OR openstack-neutron-vpn-agent-11.0.1~dev1-3.3 is installed OR openstack-neutron-vpnaas-11.0.1~dev1-3.3 is installed OR openstack-neutron-vpnaas-doc-11.0.1~dev1-3.3 is installed OR openstack-neutron-vyatta-agent-11.0.1~dev1-3.3 is installed OR openstack-neutron-zvm-agent-8.0.1~dev12-4.3 is installed OR openstack-nova-16.1.5~dev49-3.8 is installed OR openstack-nova-api-16.1.5~dev49-3.8 is installed OR openstack-nova-cells-16.1.5~dev49-3.8 is installed OR openstack-nova-compute-16.1.5~dev49-3.8 is installed OR openstack-nova-conductor-16.1.5~dev49-3.8 is installed OR openstack-nova-console-16.1.5~dev49-3.8 is installed OR openstack-nova-consoleauth-16.1.5~dev49-3.8 is installed OR openstack-nova-doc-16.1.5~dev49-3.8 is installed OR openstack-nova-novncproxy-16.1.5~dev49-3.8 is installed OR openstack-nova-placement-api-16.1.5~dev49-3.8 is installed OR openstack-nova-scheduler-16.1.5~dev49-3.8 is installed OR openstack-nova-serialproxy-16.1.5~dev49-3.8 is installed OR openstack-nova-virt-zvm-8.0.1~dev56-3.3 is installed OR openstack-nova-vncproxy-16.1.5~dev49-3.8 is installed OR openstack-octavia-1.0.3~dev21-4.6 is installed OR openstack-octavia-amphora-agent-1.0.3~dev21-4.6 is installed OR openstack-octavia-api-1.0.3~dev21-4.6 is installed OR openstack-octavia-health-manager-1.0.3~dev21-4.6 is installed OR openstack-octavia-housekeeping-1.0.3~dev21-4.6 is installed OR openstack-octavia-worker-1.0.3~dev21-4.6 is installed OR openstack-trove-8.0.1~dev11-3.3 is installed OR openstack-trove-api-8.0.1~dev11-3.3 is installed OR openstack-trove-conductor-8.0.1~dev11-3.3 is installed OR openstack-trove-doc-8.0.1~dev11-3.3 is installed OR openstack-trove-guestagent-8.0.1~dev11-3.3 is installed OR openstack-trove-taskmanager-8.0.1~dev11-3.3 is installed OR python-aodh-5.1.1~dev5-3.5 is installed OR python-barbican-5.0.1~dev11-3.8 is installed OR python-barbicanclient-4.5.2-4.3 is installed OR python-barbicanclient-doc-4.5.2-4.3 is installed OR python-cinder-11.1.2~dev14-3.6 is installed OR python-designate-5.0.2~dev5-3.5 is installed OR python-glance-15.0.2~dev4-3.3 is installed OR python-heat-9.0.5~dev11-3.6 is installed OR python-horizon-12.0.4~dev1-3.8 is installed OR python-horizon-plugin-designate-ui-5.0.2~dev5-3.3 is installed OR python-horizon-plugin-freezer-ui-5.0.1~dev6-3.3 is installed OR python-horizon-plugin-gbp-ui-5.0.1~dev21-4.3 is installed OR python-horizon-plugin-manila-ui-2.10.3~dev4-4.5 is installed OR python-horizon-plugin-neutron-lbaas-ui-3.0.3~dev2-3.5 is installed OR python-horizon-plugin-trove-ui-9.0.1~dev7-3.3 is installed OR python-ironic-9.1.5~dev7-3.6 is installed OR python-keystone-12.0.1~dev19-5.8 is installed OR python-keystone-json-assignment-0.0.2-3.3 is installed OR python-manila-5.0.2~dev55-3.6 is installed OR python-manilaclient-1.17.3-3.3 is installed OR python-manilaclient-doc-1.17.3-3.3 is installed OR python-neutron-11.0.6~dev63-3.6 is installed OR python-neutron-fwaas-11.0.2~dev7-3.5 is installed OR python-neutron-lbaas-11.0.4~dev4-3.3 is installed OR python-neutron-vpnaas-11.0.1~dev1-3.3 is installed OR python-nova-16.1.5~dev49-3.8 is installed OR python-octavia-1.0.3~dev21-4.6 is installed OR python-trove-8.0.1~dev11-3.3 is installed OR python-vmware-nsx-11.0.3~dev16-3.3 is installed OR python-vmware-nsxlib-11.0.4~dev7-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed

BACK