Oval Definition:oval:org.opensuse.security:def:59596
Revision Date:2021-03-01Version:1
Title:Security update for perl-XML-Twig (Moderate)
Description:

This update for perl-XML-Twig fixes the following issues:

- Security fix [bsc#1008644, CVE-2016-9180] * Added: the no_xxe option to XML::Twig::new, which causes the parse to fail if external entities are used (to prevent malicious XML to access the filesystem). * Setting expand_external_ents to 0 or -1 currently doesn't work as expected; To completely turn off expanding external entities use no_xxe. * Update documentation for XML::Twig to mention problems with expand_external_ents and add information about new no_xxe argument
Family:unixClass:patch
Status:Reference(s):1008644
1027282
1041090
1041783
1042670
1042802
1042803
1043088
1045719
1045721
1067720
1073269
1073748
1074014
1076861
1078326
1078485
1079150
1081750
1084650
1085970
1086001
1087416
1088004
1088009
1092885
1093697
1094325
1094480
1094725
1095472
1095556
1102379
1102400
1102410
1103098
1107030
1112039
1125401
1127223
1127308
1128525
1128574
1130324
1149792
1153332
1153830
1154609
1155094
1159035
1162224
1162367
1162825
1165894
1170411
1171561
1171924
1174157
1175259
945401
959329
CVE-2009-5155
CVE-2011-3602
CVE-2014-8962
CVE-2014-9028
CVE-2016-9180
CVE-2017-7511
CVE-2017-7515
CVE-2017-9406
CVE-2017-9408
CVE-2017-9775
CVE-2017-9776
CVE-2018-1060
CVE-2018-1061
CVE-2018-1336
CVE-2018-16301
CVE-2018-18386
CVE-2018-3639
CVE-2018-5391
CVE-2018-8014
CVE-2018-8034
CVE-2018-8037
CVE-2018-8088
CVE-2019-15165
CVE-2019-17639
CVE-2019-18197
CVE-2019-18348
CVE-2019-8936
CVE-2019-9169
CVE-2019-9674
CVE-2019-9924
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-8492
SUSE-SU-2017:1999-1
SUSE-SU-2018:1744-1
SUSE-SU-2018:2304-1
SUSE-SU-2018:2696-1
SUSE-SU-2018:2699-1
SUSE-SU-2019:0838-2
SUSE-SU-2019:2669-1
SUSE-SU-2020:0920-2
SUSE-SU-2020:1524-1
SUSE-SU-2020:2461-1
SUSE-SU-2020:3343-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libsrtp1-1.6.0-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • bash-4.3-83.23 is installed
  • OR bash-doc-4.3-83.23 is installed
  • OR libreadline6-6.3-83.23 is installed
  • OR libreadline6-32bit-6.3-83.23 is installed
  • OR readline-doc-6.3-83.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_53-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_16-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libFLAC++6-1.3.0-11 is installed
  • OR libFLAC8-1.3.0-11 is installed
  • OR libFLAC8-32bit-1.3.0-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libsolv-0.6.36-2.30 is installed
  • OR libsolv-devel-0.6.36-2.30 is installed
  • OR libsolv-tools-0.6.36-2.30 is installed
  • OR perl-solv-0.6.36-2.30 is installed
  • OR python-solv-0.6.36-2.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND ucode-intel-20190618-13.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND libcares2-1.9.1-9.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND ctags-5.8-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND perl-XML-Twig-3.44-5.3.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpcap-1.8.1-10.3 is installed
  • OR libpcap1-1.8.1-10.3 is installed
  • OR tcpdump-4.9.2-14.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND slf4j-1.7.12-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND haproxy-1.6.11-11.3 is installed
    • BACK