OVAL Reference oval:org.opensuse.security:def:59526

Oval Definition:

oval:org.opensuse.security:def:59526

Revision Date:	2021-08-24	Version:	1
Title:	Security update for python-PyYAML (Important)
Description:	This update for python-PyYAML fixes the following issues: - Update to 5.3.1. - CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
Family:	unix	Class:	patch
Status:		Reference(s):	1026236 1067841 1067844 1076503 1086825 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1092098 1096745 1114988 1123157 1126140 1126141 1126192 1126195 1126196 1126198 1126201 1127400 1129623 1135902 1140402 1143794 1143797 1144902 1146874 1149813 1152107 1160968 1169511 1171352 1172277 1173798 1173991 1174205 1174284 1174514 1174757 1174771 1175112 1175127 1175228 1175664 1175665 1175671 1175686 1175691 1176069 CVE-2009-0037 CVE-2009-2417 CVE-2009-4012 CVE-2013-0249 CVE-2013-1944 CVE-2013-2174 CVE-2013-4143 CVE-2013-4545 CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-3613 CVE-2014-3620 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 CVE-2016-0755 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-7141 CVE-2016-7167 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9586 CVE-2017-15098 CVE-2017-15099 CVE-2017-7407 CVE-2018-1000301 CVE-2018-12020 CVE-2018-19967 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-5764 CVE-2019-10218 CVE-2019-12068 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-15890 CVE-2019-16746 CVE-2019-17340 CVE-2019-17341 CVE-2019-17342 CVE-2019-17343 CVE-2019-17344 CVE-2019-17346 CVE-2019-17347 CVE-2019-17348 CVE-2019-2949 CVE-2019-6778 CVE-2019-9824 CVE-2020-14314 CVE-2020-14331 CVE-2020-14343 CVE-2020-14386 CVE-2020-15663 CVE-2020-15664 CVE-2020-15670 CVE-2020-15810 CVE-2020-15811 CVE-2020-16166 CVE-2020-24606 CVE-2020-2654 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 SUSE-SU-2017:3391-1 SUSE-SU-2018:0174-1 SUSE-SU-2018:1698-1 SUSE-SU-2019:0921-1 SUSE-SU-2019:2157-1 SUSE-SU-2019:2875-1 SUSE-SU-2020:1685-1 SUSE-SU-2020:2471-1 SUSE-SU-2020:2544-1 SUSE-SU-2020:2582-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libgypsy0-0.9-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kconf_update5-5.32.0-7 is installed OR kconfig-5.32.0-7 is installed OR kconfig-devel-5.32.0-7 is installed OR kconfig-devel-32bit-5.55.0-lp151.2.5 is installed OR kconfig-devel-64bit-5.32.0-7 is installed OR kdelibs4-4.14.33-7 is installed OR kdelibs4-apidocs-4.14.33-7 is installed OR kdelibs4-branding-upstream-4.14.33-7 is installed OR kdelibs4-core-4.14.33-7 is installed OR kdelibs4-doc-4.14.33-7 is installed OR libKF5ConfigCore5-5.32.0-7 is installed OR libKF5ConfigCore5-32bit-5.55.0-lp151.2.5 is installed OR libKF5ConfigCore5-64bit-5.32.0-7 is installed OR libKF5ConfigCore5-lang-5.32.0-7 is installed OR libKF5ConfigGui5-5.32.0-7 is installed OR libKF5ConfigGui5-32bit-5.55.0-lp151.2.5 is installed OR libKF5ConfigGui5-64bit-5.32.0-7 is installed OR libkde4-4.14.33-7 is installed OR libkde4-32bit-4.14.38-lp151.9.5 is installed OR libkde4-64bit-4.14.33-7 is installed OR libkde4-devel-4.14.33-7 is installed OR libkdecore4-4.14.33-7 is installed OR libkdecore4-32bit-4.14.38-lp151.9.5 is installed OR libkdecore4-64bit-4.14.33-7 is installed OR libkdecore4-devel-4.14.33-7 is installed OR libksuseinstall-devel-4.14.33-7 is installed OR libksuseinstall1-4.14.33-7 is installed OR libksuseinstall1-32bit-4.14.38-lp151.9.5 is installed OR libksuseinstall1-64bit-4.14.33-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information qemu-2.6.2-41.55 is installed OR qemu-block-curl-2.6.2-41.55 is installed OR qemu-block-rbd-2.6.2-41.55 is installed OR qemu-block-ssh-2.6.2-41.55 is installed OR qemu-guest-agent-2.6.2-41.55 is installed OR qemu-ipxe-1.0.0-41.55 is installed OR qemu-kvm-2.6.2-41.55 is installed OR qemu-lang-2.6.2-41.55 is installed OR qemu-seabios-1.9.1-41.55 is installed OR qemu-sgabios-8-41.55 is installed OR qemu-tools-2.6.2-41.55 is installed OR qemu-vgabios-1.9.1-41.55 is installed OR qemu-x86-2.6.2-41.55 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information curl-7.37.0-36 is installed OR libcurl4-7.37.0-36 is installed OR libcurl4-32bit-7.37.0-36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information apache2-2.4.23-29.54 is installed OR apache2-doc-2.4.23-29.54 is installed OR apache2-example-pages-2.4.23-29.54 is installed OR apache2-prefork-2.4.23-29.54 is installed OR apache2-utils-2.4.23-29.54 is installed OR apache2-worker-2.4.23-29.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.116 is installed OR kernel-default-base-4.4.180-94.116 is installed OR kernel-default-devel-4.4.180-94.116 is installed OR kernel-default-kgraft-4.4.180-94.116 is installed OR kernel-default-man-4.4.180-94.116 is installed OR kernel-devel-4.4.180-94.116 is installed OR kernel-macros-4.4.180-94.116 is installed OR kernel-source-4.4.180-94.116 is installed OR kernel-syms-4.4.180-94.116 is installed OR kgraft-patch-4_4_180-94_116-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_31-1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cpio-2.11-36.3 is installed OR cpio-lang-2.11-36.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information python-PyYAML-5.3.1-28.6.1 is installed OR python3-PyYAML-5.3.1-28.6.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.32 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information ardana-ansible-9.0+git.1566374020.301191f-3.7 is installed OR ardana-barbican-9.0+git.1566251498.be02ca4-3.7 is installed OR ardana-cinder-9.0+git.1565678764.c3a9b9f-3.7 is installed OR ardana-cluster-9.0+git.1559333871.40508f7-3.7 is installed OR ardana-cobbler-9.0+git.1566336494.93967dd-3.7 is installed OR ardana-db-9.0+git.1564409964.b7e4fc3-3.7 is installed OR ardana-designate-9.0+git.1565680593.df7a432-3.7 is installed OR ardana-extensions-nsx-9.0+git.1566213657.69862ab-8 is installed OR ardana-glance-9.0+git.1566375806.f0b2333-3.7 is installed OR ardana-heat-9.0+git.1565721273.f44b8d7-3.7 is installed OR ardana-horizon-9.0+git.1565891518.2a545a1-3.7 is installed OR ardana-input-model-9.0+git.1562848565.91e75b2-3.7 is installed OR ardana-installer-ui-9.0+git.1566255088.3443670-3.7 is installed OR ardana-ironic-9.0+git.1565721987.ddc59c8-3.7 is installed OR ardana-keystone-9.0+git.1565891593.cad6d1a-3.7 is installed OR ardana-logging-9.0+git.1565761582.2dc823a-3.7 is installed OR ardana-magnum-9.0+git.1565762005.016032a-3.7 is installed OR ardana-monasca-9.0+git.1566332665.ad894c0-3.7 is installed OR ardana-mq-9.0+git.1565115025.148d092-3.7 is installed OR ardana-neutron-9.0+git.1566251310.3a1e8f9-3.7 is installed OR ardana-nova-9.0+git.1566332515.e232568-3.7 is installed OR ardana-octavia-9.0+git.1566206502.6c87b41-3.7 is installed OR ardana-opsconsole-9.0+git.1566251377.b1caeaa-3.7 is installed OR ardana-opsconsole-ui-9.0+git.1555530925.206f1a8-4.7 is installed OR ardana-osconfig-9.0+git.1565764394.545b573-3.7 is installed OR ardana-service-9.0+git.1564706915.edd44c4-3.7 is installed OR ardana-ses-9.0+git.1565962617.523149b-3.7 is installed OR ardana-swift-9.0+git.1565891872.73fc3c7-3.7 is installed OR ardana-swiftlm-drive-provision-9.0+git.1541434883.e0ebe69-8 is installed OR ardana-swiftlm-log-tailer-9.0+git.1541434883.e0ebe69-8 is installed OR ardana-swiftlm-uptime-mon-9.0+git.1541434883.e0ebe69-8 is installed OR ardana-tempest-9.0+git.1566471752.a3c5c9c-3.7 is installed OR openstack-ceilometer-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-central-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-polling-11.0.2~dev14-3.7 is installed OR openstack-cinder-13.0.7~dev3-3.7 is installed OR openstack-cinder-api-13.0.7~dev3-3.7 is installed OR openstack-cinder-backup-13.0.7~dev3-3.7 is installed OR openstack-cinder-scheduler-13.0.7~dev3-3.7 is installed OR openstack-cinder-volume-13.0.7~dev3-3.7 is installed OR openstack-designate-7.0.1~dev21-3.7 is installed OR openstack-designate-agent-7.0.1~dev21-3.7 is installed OR openstack-designate-api-7.0.1~dev21-3.7 is installed OR openstack-designate-central-7.0.1~dev21-3.7 is installed OR openstack-designate-producer-7.0.1~dev21-3.7 is installed OR openstack-designate-sink-7.0.1~dev21-3.7 is installed OR openstack-designate-worker-7.0.1~dev21-3.7 is installed OR openstack-heat-11.0.3~dev19-3.7 is installed OR openstack-heat-api-11.0.3~dev19-3.7 is installed OR openstack-heat-api-cfn-11.0.3~dev19-3.7 is installed OR openstack-heat-engine-11.0.3~dev19-3.7 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev19-3.7 is installed OR openstack-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR openstack-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR openstack-ironic-11.1.4~dev9-3.7 is installed OR openstack-ironic-api-11.1.4~dev9-3.7 is installed OR openstack-ironic-conductor-11.1.4~dev9-3.7 is installed OR openstack-ironic-python-agent-3.3.3~dev4-3.7 is installed OR openstack-keystone-14.1.1~dev8-3.7 is installed OR openstack-magnum-7.1.1~dev28-3.7 is installed OR openstack-magnum-api-7.1.1~dev28-3.7 is installed OR openstack-magnum-conductor-7.1.1~dev28-3.7 is installed OR openstack-manila-7.3.1~dev3-4.7 is installed OR openstack-manila-api-7.3.1~dev3-4.7 is installed OR openstack-manila-data-7.3.1~dev3-4.7 is installed OR openstack-manila-scheduler-7.3.1~dev3-4.7 is installed OR openstack-manila-share-7.3.1~dev3-4.7 is installed OR openstack-monasca-notification-1.14.2~dev1-6.7 is installed OR openstack-monasca-persister-1.12.1~dev9-9 is installed OR openstack-monasca-persister-java-1.12.1~dev9-9 is installed OR openstack-neutron-13.0.5~dev22-3.7 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-gbp-5.0.1~dev459-3.7 is installed OR openstack-neutron-ha-tool-13.0.5~dev22-3.7 is installed OR openstack-neutron-l3-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-lbaas-13.0.1~dev14-3.7 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev14-3.7 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metadata-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metering-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-server-13.0.5~dev22-3.7 is installed OR openstack-nova-18.2.2~dev9-3.7 is installed OR openstack-nova-api-18.2.2~dev9-3.7 is installed OR openstack-nova-cells-18.2.2~dev9-3.7 is installed OR openstack-nova-compute-18.2.2~dev9-3.7 is installed OR openstack-nova-conductor-18.2.2~dev9-3.7 is installed OR openstack-nova-console-18.2.2~dev9-3.7 is installed OR openstack-nova-novncproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-placement-api-18.2.2~dev9-3.7 is installed OR openstack-nova-scheduler-18.2.2~dev9-3.7 is installed OR openstack-nova-serialproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-vncproxy-18.2.2~dev9-3.7 is installed OR openstack-octavia-3.1.2~dev8-3.7 is installed OR openstack-octavia-amphora-agent-3.1.2~dev8-3.7 is installed OR openstack-octavia-api-3.1.2~dev8-3.7 is installed OR openstack-octavia-health-manager-3.1.2~dev8-3.7 is installed OR openstack-octavia-housekeeping-3.1.2~dev8-3.7 is installed OR openstack-octavia-worker-3.1.2~dev8-3.7 is installed OR openstack-tempest-19.0.0-12 is installed OR openstack-tempest-test-19.0.0-12 is installed OR python-ardana-configurationprocessor-9.0+git.1566405927.c5c03d4-3.8 is installed OR python-ceilometer-11.0.2~dev14-3.7 is installed OR python-cinder-13.0.7~dev3-3.7 is installed OR python-cinder-tempest-plugin-0.1.0-8 is installed OR python-designate-7.0.1~dev21-3.7 is installed OR python-heat-11.0.3~dev19-3.7 is installed OR python-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR python-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR python-ironic-11.1.4~dev9-3.7 is installed OR python-ironicclient-2.5.3-4.7 is installed OR python-ironicclient-doc-2.5.3-4.7 is installed OR python-keystone-14.1.1~dev8-3.7 is installed OR python-keystonemiddleware-5.2.0-8 is installed OR python-magnum-7.1.1~dev28-3.7 is installed OR python-manila-7.3.1~dev3-4.7 is installed OR python-monasca-notification-1.14.2~dev1-6.7 is installed OR python-monasca-persister-1.12.1~dev9-9 is installed OR python-monasca-tempest-plugin-0.3.0-8 is installed OR python-neutron-13.0.5~dev22-3.7 is installed OR python-neutron-gbp-5.0.1~dev459-3.7 is installed OR python-neutron-lbaas-13.0.1~dev14-3.7 is installed OR python-nova-18.2.2~dev9-3.7 is installed OR python-octavia-3.1.2~dev8-3.7 is installed OR python-openstackclient-3.16.2-8 is installed OR python-openstacksdk-0.17.3-8 is installed OR python-proliantutils-2.8.4-8 is installed OR python-python-engineio-2.0.2-9 is installed OR python-swiftlm-9.0+git.1541434883.e0ebe69-8 is installed OR python-tempest-19.0.0-12 is installed OR python-vmware-nsx-13.0.1~dev146-9 is installed OR python-vmware-nsxlib-13.0.1~dev24-8 is installed OR venv-openstack-barbican-7.0.1~dev18-3.7 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev18-3.7 is installed OR venv-openstack-cinder-13.0.7~dev3-3.7 is installed OR venv-openstack-cinder-x86_64-13.0.7~dev3-3.7 is installed OR venv-openstack-designate-7.0.1~dev21-3.7 is installed OR venv-openstack-designate-x86_64-7.0.1~dev21-3.7 is installed OR venv-openstack-glance-17.0.1~dev16-3.7 is installed OR venv-openstack-glance-x86_64-17.0.1~dev16-3.7 is installed OR venv-openstack-heat-11.0.3~dev19-3.7 is installed OR venv-openstack-heat-x86_64-11.0.3~dev19-3.7 is installed OR venv-openstack-horizon-14.0.4~dev4-4.7 is installed OR venv-openstack-horizon-x86_64-14.0.4~dev4-4.7 is installed OR venv-openstack-ironic-11.1.4~dev9-4.7 is installed OR venv-openstack-ironic-x86_64-11.1.4~dev9-4.7 is installed OR venv-openstack-keystone-14.1.1~dev8-3.7 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev8-3.7 is installed OR venv-openstack-magnum-7.1.1~dev28-4.7 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.7 is installed OR venv-openstack-manila-7.3.1~dev3-3.7 is installed OR venv-openstack-manila-x86_64-7.3.1~dev3-3.7 is installed OR venv-openstack-monasca-2.7.1~dev10-3.7 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.7 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.7 is installed OR venv-openstack-monasca-x86_64-2.7.1~dev10-3.7 is installed OR venv-openstack-neutron-13.0.5~dev22-6.7 is installed OR venv-openstack-neutron-x86_64-13.0.5~dev22-6.7 is installed OR venv-openstack-nova-18.2.2~dev9-3.7 is installed OR venv-openstack-nova-x86_64-18.2.2~dev9-3.7 is installed OR venv-openstack-octavia-3.1.2~dev8-4.7 is installed OR venv-openstack-octavia-x86_64-3.1.2~dev8-4.7 is installed OR venv-openstack-sahara-9.0.2~dev9-3.7 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev9-3.7 is installed OR venv-openstack-swift-2.19.2~dev1-2.4 is installed OR venv-openstack-swift-x86_64-2.19.2~dev1-2.4 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kernel-default-4.4.180-94.130 is installed OR kernel-default-base-4.4.180-94.130 is installed OR kernel-default-devel-4.4.180-94.130 is installed OR kernel-default-kgraft-4.4.180-94.130 is installed OR kernel-devel-4.4.180-94.130 is installed OR kernel-macros-4.4.180-94.130 is installed OR kernel-source-4.4.180-94.130 is installed OR kernel-syms-4.4.180-94.130 is installed OR kgraft-patch-4_4_180-94_130-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_35-1-4.3 is installed

BACK