Oval Definition:	oval:org.opensuse.security:def:59854
Revision Date: 2021-03-01 Version: 1 Title: Security update for perl-XML-Twig (Moderate) Description: This update for perl-XML-Twig fixes the following issues: - Security fix [bsc#1008644, CVE-2016-9180] * Added: the no_xxe option to XML::Twig::new, which causes the parse to fail if external entities are used (to prevent malicious XML to access the filesystem). * Setting expand_external_ents to 0 or -1 currently doesn't work as expected; To completely turn off expanding external entities use no_xxe. * Update documentation for XML::Twig to mention problems with expand_external_ents and add information about new no_xxe argument Family: unix Class: patch Status: Reference(s): 1008644 1012215 1027519 1046853 1046858 1047964 1047965 1049344 1053043 1066223 1070724 1092548 1094555 1104129 1108382 1109137 1111188 1111331 1116380 1119086 1119947 1120902 1121263 1125580 1126068 1126069 1126961 1127155 1129346 1129770 1130680 1130847 1131335 1131336 1131645 1132390 1133140 1133185 1133190 1133191 1133738 1133818 1134395 1135642 1136598 1136889 1136922 1136935 1137004 1137194 1137739 1137749 1137752 1137915 1138291 1138293 1138374 1138681 1139751 1140575 1140577 1140738 1141329 1141332 1144903 1153108 1153158 1153161 1156275 1172265 1172798 1172846 1173972 1174753 1174817 1175168 1178593 CVE-2013-5653 CVE-2015-3228 CVE-2016-10220 CVE-2016-7978 CVE-2016-7979 CVE-2016-8602 CVE-2016-9180 CVE-2016-9601 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-15108 CVE-2017-18926 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-12126 CVE-2018-12126 CVE-2018-12127 CVE-2018-12127 CVE-2018-12130 CVE-2018-12130 CVE-2018-16884 CVE-2018-20815 CVE-2018-20836 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5174 CVE-2018-5178 CVE-2018-5183 CVE-2018-5740 CVE-2018-5743 CVE-2018-5745 CVE-2019-10126 CVE-2019-10220 CVE-2019-10638 CVE-2019-10639 CVE-2019-11091 CVE-2019-11091 CVE-2019-11487 CVE-2019-11599 CVE-2019-12380 CVE-2019-12456 CVE-2019-12525 CVE-2019-12529 CVE-2019-12614 CVE-2019-12818 CVE-2019-12819 CVE-2019-13345 CVE-2019-14869 CVE-2019-17133 CVE-2019-6465 CVE-2019-9636 CVE-2019-9948 CVE-2020-13844 SUSE-SU-2017:2075-1 SUSE-SU-2018:0372-1 SUSE-SU-2019:1243-1 SUSE-SU-2019:1439-1 SUSE-SU-2019:1852-1 SUSE-SU-2019:2983-1 SUSE-SU-2020:2173-2 SUSE-SU-2020:3263-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information krb5-1.15.2-lp150.4 is installed OR krb5-32bit-1.15.2-lp150.4 is installed OR krb5-server-1.15.2-lp150.4 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.0esr-109.31 is installed OR MozillaFirefox-devel-52.8.0esr-109.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information ghostscript-9.15-22 is installed OR ghostscript-x11-9.15-22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.130 is installed OR kernel-default-base-4.4.180-94.130 is installed OR kernel-default-devel-4.4.180-94.130 is installed OR kernel-devel-4.4.180-94.130 is installed OR kernel-macros-4.4.180-94.130 is installed OR kernel-source-4.4.180-94.130 is installed OR kernel-syms-4.4.180-94.130 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_156-94_57-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_113-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_30-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND perl-XML-Twig-3.44-5.3.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.100 is installed OR kernel-default-base-4.4.180-94.100 is installed OR kernel-default-devel-4.4.180-94.100 is installed OR kernel-devel-4.4.180-94.100 is installed OR kernel-macros-4.4.180-94.100 is installed OR kernel-source-4.4.180-94.100 is installed OR kernel-syms-4.4.180-94.100 is installed OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
BACK