Oval Definition:oval:org.opensuse.security:def:59411
Revision Date:2020-12-01Version:1
Title:Security update for clamav (Moderate)
Description:

This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability (bsc#1101410) - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file (bsc#1101412) - CVE-2018-1000085: Fixed a out-of-bounds heap read in XAR parser (bsc#1082858) - CVE-2018-14679: Libmspack heap buffer over-read in CHM parser (bsc#1103040) - Buffer over-read in unRAR code due to missing max value checks in table initialization - PDF parser bugs

The following other changes were made:

- Disable YARA support for licensing reasons (bsc#1101654). - Add HTTPS support for clamsubmit - Fix for DNS resolution for users on IPv4-only machines where IPv6 is not available or is link-local only
Family:unixClass:patch
Status:Reference(s):1005023
1022805
1023616
1027519
1043055
1048576
1068032
1076696
1082858
1084878
1086039
1089152
1089635
1090820
1090822
1090823
1092497
1094508
1101410
1101412
1101591
1101654
1103040
1103276
1106913
1111014
1114981
1115034
1115518
1117665
1119971
1120323
1123886
1133037
1135966
1135967
1137865
1139550
1140671
1141054
1141619
1142772
1144338
1144903
1145477
1145692
1146285
1146361
1146378
1146391
1146413
1146425
1146512
1146514
1146516
1146519
1146584
1147122
1148394
1148938
1148987
1149376
1149522
1149527
1149555
1149612
1149849
1150025
1150112
1150223
1150452
1150457
1150465
1150466
1151347
1151350
1152107
1152685
1152782
1152788
1153158
1154372
1155671
1155898
1156187
1160398
1160594
1160764
1160968
1161779
1163922
1169511
1173798
1174205
1174757
1175691
1176069
CVE-2009-4012
CVE-2014-8962
CVE-2014-9028
CVE-2016-10906
CVE-2016-2399
CVE-2017-18509
CVE-2017-18595
CVE-2017-5754
CVE-2017-9788
CVE-2018-0360
CVE-2018-0361
CVE-2018-1000085
CVE-2018-10471
CVE-2018-10472
CVE-2018-12207
CVE-2018-14679
CVE-2018-15468
CVE-2018-16864
CVE-2018-16865
CVE-2018-16866
CVE-2018-17963
CVE-2018-20976
CVE-2018-8897
CVE-2019-0154
CVE-2019-0155
CVE-2019-1010006
CVE-2019-1010180
CVE-2019-10220
CVE-2019-11135
CVE-2019-11459
CVE-2019-13272
CVE-2019-13627
CVE-2019-14814
CVE-2019-14815
CVE-2019-14816
CVE-2019-14821
CVE-2019-14835
CVE-2019-15098
CVE-2019-15211
CVE-2019-15212
CVE-2019-15214
CVE-2019-15215
CVE-2019-15216
CVE-2019-15217
CVE-2019-15218
CVE-2019-15219
CVE-2019-15220
CVE-2019-15221
CVE-2019-15290
CVE-2019-15291
CVE-2019-15505
CVE-2019-15666
CVE-2019-15807
CVE-2019-15902
CVE-2019-15924
CVE-2019-15926
CVE-2019-15927
CVE-2019-16231
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16413
CVE-2019-16746
CVE-2019-16995
CVE-2019-17055
CVE-2019-17056
CVE-2019-17133
CVE-2019-17666
CVE-2019-18680
CVE-2019-18805
CVE-2019-9456
CVE-2019-9506
CVE-2020-14314
CVE-2020-14331
CVE-2020-14386
CVE-2020-16166
CVE-2020-2583
CVE-2020-2590
CVE-2020-2593
CVE-2020-2601
CVE-2020-2604
CVE-2020-2654
CVE-2020-2659
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2773
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
CVE-2020-8013
SUSE-SU-2017:1961-1
SUSE-SU-2017:1986-1
SUSE-SU-2018:2323-2
SUSE-SU-2018:3332-1
SUSE-SU-2019:0135-1
SUSE-SU-2019:2080-1
SUSE-SU-2019:2510-1
SUSE-SU-2019:2916-1
SUSE-SU-2019:2984-1
SUSE-SU-2020:0545-1
SUSE-SU-2020:0628-1
SUSE-SU-2020:1686-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • file-5.32-lp150.5 is installed
  • OR file-magic-5.32-lp150.5 is installed
  • OR libmagic1-5.32-lp150.5 is installed
  • OR libmagic1-32bit-5.32-lp150.5 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • httpie-1.0.3-lp151.2.3 is installed
  • OR python3-httpie-1.0.3-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND clamav-0.100.1-33.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.5_02-43.30 is installed
  • OR xen-doc-html-4.7.5_02-43.30 is installed
  • OR xen-libs-4.7.5_02-43.30 is installed
  • OR xen-libs-32bit-4.7.5_02-43.30 is installed
  • OR xen-tools-4.7.5_02-43.30 is installed
  • OR xen-tools-domU-4.7.5_02-43.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libFLAC++6-1.3.0-11 is installed
  • OR libFLAC8-1.3.0-11 is installed
  • OR libFLAC8-32bit-1.3.0-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_155-94_50-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsystemd0-228-150.53 is installed
  • OR libsystemd0-32bit-228-150.53 is installed
  • OR libudev1-228-150.53 is installed
  • OR libudev1-32bit-228-150.53 is installed
  • OR systemd-228-150.53 is installed
  • OR systemd-32bit-228-150.53 is installed
  • OR systemd-bash-completion-228-150.53 is installed
  • OR systemd-sysvinit-228-150.53 is installed
  • OR udev-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • coreutils-8.25-13.7 is installed
  • OR coreutils-lang-8.25-13.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.23-3.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND gdb-8.3.1-2.14 is installed
    • BACK