Oval Definition:oval:org.opensuse.security:def:59207
Revision Date:2020-12-01Version:1
Title:Security update for shibboleth-sp (Moderate)
Description:

This update for shibboleth-sp fixes the following issues:

Security issue fixed:

- CVE-2019-19191: Fixed escalation to root by fixing ownership of log files (bsc#1157471).
Family:unixClass:patch
Status:Reference(s):1043983
1048072
1055265
1056286
1056782
1058754
1058755
1058757
1062452
1069607
1069632
1073002
1078782
1082007
1082008
1082009
1082010
1082011
1082014
1082058
1087433
1087434
1087436
1087437
1087440
1087441
1108308
1111331
1112530
1112532
1117951
1119376
1122706
1129071
1130611
1130617
1130620
1130622
1130623
1130627
1132663
1132900
1142690
1145092
1152990
1152992
1152994
1152995
1157471
1158809
1160163
1162002
1169659
1170313
1170383
1170423
1171189
1171191
1171220
1171517
1171732
1171988
1172049
1172275
1172405
1172453
1172458
1172524
1172775
1172781
1172782
1172783
1172999
1173160
1174115
1174120
1174462
1174543
CVE-2009-0696
CVE-2009-4022
CVE-2010-0750
CVE-2010-3613
CVE-2010-3614
CVE-2010-3615
CVE-2011-0414
CVE-2011-1485
CVE-2011-1907
CVE-2011-1910
CVE-2011-2464
CVE-2011-4313
CVE-2012-1667
CVE-2012-3817
CVE-2012-3868
CVE-2012-4244
CVE-2012-5166
CVE-2012-5688
CVE-2012-5689
CVE-2013-2266
CVE-2013-4288
CVE-2013-4854
CVE-2014-0591
CVE-2014-8500
CVE-2015-1349
CVE-2015-3218
CVE-2015-3255
CVE-2015-3256
CVE-2015-4620
CVE-2015-4625
CVE-2015-5477
CVE-2015-5722
CVE-2015-8000
CVE-2015-8704
CVE-2015-9096
CVE-2016-1285
CVE-2016-1286
CVE-2016-2339
CVE-2016-2775
CVE-2016-2776
CVE-2016-6170
CVE-2016-7798
CVE-2016-8864
CVE-2016-9131
CVE-2016-9147
CVE-2016-9444
CVE-2017-0898
CVE-2017-0899
CVE-2017-0900
CVE-2017-0901
CVE-2017-0902
CVE-2017-0903
CVE-2017-10784
CVE-2017-14033
CVE-2017-14064
CVE-2017-17405
CVE-2017-17742
CVE-2017-17790
CVE-2017-3135
CVE-2017-3136
CVE-2017-3137
CVE-2017-3138
CVE-2017-3142
CVE-2017-3143
CVE-2017-6318
CVE-2017-9228
CVE-2017-9229
CVE-2018-1000073
CVE-2018-1000074
CVE-2018-1000075
CVE-2018-1000076
CVE-2018-1000077
CVE-2018-1000078
CVE-2018-1000079
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16395
CVE-2018-16396
CVE-2018-20060
CVE-2018-6914
CVE-2018-8777
CVE-2018-8778
CVE-2018-8779
CVE-2018-8780
CVE-2019-10206
CVE-2019-10208
CVE-2019-11091
CVE-2019-11236
CVE-2019-11324
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-1551
CVE-2019-15845
CVE-2019-16201
CVE-2019-16254
CVE-2019-16255
CVE-2019-19191
CVE-2019-20810
CVE-2019-20812
CVE-2019-3813
CVE-2019-8320
CVE-2019-8321
CVE-2019-8322
CVE-2019-8323
CVE-2019-8324
CVE-2019-8325
CVE-2019-9740
CVE-2020-0305
CVE-2020-10135
CVE-2020-10663
CVE-2020-10711
CVE-2020-10732
CVE-2020-10745
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-11945
CVE-2020-12771
CVE-2020-12861
CVE-2020-12862
CVE-2020-12863
CVE-2020-12864
CVE-2020-12865
CVE-2020-12866
CVE-2020-12867
CVE-2020-13974
CVE-2020-14416
CVE-2020-8022
SUSE-SU-2018:3074-2
SUSE-SU-2019:1954-1
SUSE-SU-2019:2159-1
SUSE-SU-2019:2274-1
SUSE-SU-2019:2300-1
SUSE-SU-2020:0115-1
SUSE-SU-2020:0474-1
SUSE-SU-2020:1227-1
SUSE-SU-2020:1570-1
SUSE-SU-2020:1791-1
SUSE-SU-2020:2312-1
SUSE-SU-2020:3125-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libfreebl3-3.36.1-lp150.1 is installed
  • OR libsoftokn3-3.36.1-lp150.1 is installed
  • OR mozilla-nss-3.36.1-lp150.1 is installed
  • OR mozilla-nss-certs-3.36.1-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND ucode-intel-20191115-lp151.2.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libecpg6-10.5-1.3 is installed
  • OR libpq5-10.5-1.3 is installed
  • OR libpq5-32bit-10.5-1.3 is installed
  • OR postgresql-init-10-17.20 is installed
  • OR postgresql10-10.5-1.3 is installed
  • OR postgresql10-contrib-10.5-1.3 is installed
  • OR postgresql10-docs-10.5-1.3 is installed
  • OR postgresql10-libs-10.5-1.3 is installed
  • OR postgresql10-server-10.5-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libspice-server1-0.12.7-10.6 is installed
  • OR spice-0.12.7-10.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libshibsp-lite6-2.5.5-6.6 is installed
  • OR libshibsp6-2.5.5-6.6 is installed
  • OR shibboleth-sp-2.5.5-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • bind-9.9.9P1-62 is installed
  • OR bind-chrootenv-9.9.9P1-62 is installed
  • OR bind-doc-9.9.9P1-62 is installed
  • OR bind-libs-9.9.9P1-62 is installed
  • OR bind-libs-32bit-9.9.9P1-62 is installed
  • OR bind-utils-9.9.9P1-62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND permissions-2015.09.28.1626-17.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.47 is installed
  • OR libcurl4-7.37.0-37.47 is installed
  • OR libcurl4-32bit-7.37.0-37.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • openssh-7.2p2-74.30 is installed
  • OR openssh-askpass-gnome-7.2p2-74.30 is installed
  • OR openssh-fips-7.2p2-74.30 is installed
  • OR openssh-helpers-7.2p2-74.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gnome-keyring-3.20.0-28.3 is installed
  • OR gnome-keyring-32bit-3.20.0-28.3 is installed
  • OR gnome-keyring-lang-3.20.0-28.3 is installed
  • OR gnome-keyring-pam-3.20.0-28.3 is installed
  • OR gnome-keyring-pam-32bit-3.20.0-28.3 is installed
  • OR libgck-modules-gnome-keyring-3.20.0-28.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND squid-3.5.21-26.23 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.29-3.22 is installed
  • OR mariadb-galera-10.2.29-3.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • crowbar-core-6.0+git.1571412352.8da4d261f-3.13 is installed
  • OR crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13 is installed
  • OR crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13 is installed
  • OR grafana-6.2.5-3.9 is installed
  • OR openstack-cinder-13.0.8~dev8-3.13 is installed
  • OR openstack-cinder-api-13.0.8~dev8-3.13 is installed
  • OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed
  • OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed
  • OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed
  • OR openstack-dashboard-14.0.5~dev1-3.9 is installed
  • OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed
  • OR openstack-keystone-14.1.1~dev26-3.13 is installed
  • OR openstack-manila-7.3.1~dev15-4.13 is installed
  • OR openstack-manila-api-7.3.1~dev15-4.13 is installed
  • OR openstack-manila-data-7.3.1~dev15-4.13 is installed
  • OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed
  • OR openstack-manila-share-7.3.1~dev15-4.13 is installed
  • OR openstack-neutron-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed
  • OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed
  • OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed
  • OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed
  • OR openstack-neutron-server-13.0.6~dev3-3.13 is installed
  • OR openstack-nova-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-api-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-cells-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-compute-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-console-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed
  • OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed
  • OR openstack-octavia-3.2.1~dev1-3.13 is installed
  • OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed
  • OR openstack-octavia-amphora-image-0.1.1-7.3 is installed
  • OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed
  • OR openstack-octavia-api-3.2.1~dev1-3.13 is installed
  • OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed
  • OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed
  • OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed
  • OR python-Django1-1.11.24-3.12 is installed
  • OR python-cinder-13.0.8~dev8-3.13 is installed
  • OR python-horizon-14.0.5~dev1-3.9 is installed
  • OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed
  • OR python-keystone-14.1.1~dev26-3.13 is installed
  • OR python-keystonemiddleware-5.2.1-11 is installed
  • OR python-manila-7.3.1~dev15-4.13 is installed
  • OR python-neutron-13.0.6~dev3-3.13 is installed
  • OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed
  • OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed
  • OR python-nova-18.2.4~dev18-3.13 is installed
  • OR python-octavia-3.2.1~dev1-3.13 is installed
  • OR python-octaviaclient-1.6.1-3.3 is installed
  • OR python-openstack_auth-14.0.5~dev1-3.9 is installed
  • OR python-os-brick-2.5.8-3.6 is installed
  • OR python-os-brick-common-2.5.8-3.6 is installed
  • OR python-oslo.cache-1.30.4-3.3 is installed
  • OR python-oslo.messaging-8.1.4-3.3 is installed
    • BACK