Oval Definition:	oval:org.opensuse.security:def:59988
Revision Date: 2020-12-01 Version: 1 Title: Security update for clamav (Moderate) Description: This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504). - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458). Non-security issues fixed: - Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504). - Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839). Family: unix Class: patch Status: Reference(s): 1073748 1083507 1085967 1087020 1101644 1101645 1101651 1101656 1109673 1109847 1112142 1112143 1112144 1112146 1112147 1112152 1112153 1113969 1122191 1144504 1149458 1149792 1151839 1159819 1159913 1165631 1168669 1168930 1169605 1169746 1169786 1169936 1170302 1170741 1170908 1170939 1171978 1172524 1173022 1173100 1173659 1173661 1173869 1173942 1173963 1174247 1174415 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-3607 CVE-2009-3608 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-2124 CVE-2013-4419 CVE-2013-4473 CVE-2013-4474 CVE-2017-18207 CVE-2017-6318 CVE-2018-13785 CVE-2018-14647 CVE-2018-16435 CVE-2018-16468 CVE-2018-17407 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 CVE-2018-3639 CVE-2018-8048 CVE-2018-9055 CVE-2019-12625 CVE-2019-12625 CVE-2019-12900 CVE-2019-12900 CVE-2019-14895 CVE-2019-14901 CVE-2019-16746 CVE-2019-17006 CVE-2019-19447 CVE-2019-5010 CVE-2019-5108 CVE-2019-9458 CVE-2020-11008 CVE-2020-11668 CVE-2020-12399 CVE-2020-12402 CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 CVE-2020-14331 CVE-2020-15900 CVE-2020-1749 CVE-2020-5260 SUSE-SU-2018:1424-1 SUSE-SU-2018:2040-1 SUSE-SU-2019:0049-1 SUSE-SU-2019:0394-1 SUSE-SU-2019:0482-1 SUSE-SU-2019:3066-1 SUSE-SU-2020:2097-1 SUSE-SU-2020:3125-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libstaroffice-0_0-0-0.0.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information go1.12-1.12.9-lp151.2.21 is installed OR go1.12-doc-1.12.9-lp151.2.21 is installed OR go1.12-race-1.12.9-lp151.2.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information guestfs-data-1.32.4-19 is installed OR guestfs-tools-1.32.4-19 is installed OR guestfsd-1.32.4-19 is installed OR libguestfs0-1.32.4-19 is installed OR perl-Sys-Guestfs-1.32.4-19 is installed OR python-libguestfs-1.32.4-19 is installed OR virt-p2v-1.32.4-19 is installed OR virt-v2v-1.32.4-19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information grub2-2.02-12.39 is installed OR grub2-arm64-efi-2.02-12.39 is installed OR grub2-i386-pc-2.02-12.39 is installed OR grub2-powerpc-ieee1275-2.02-12.39 is installed OR grub2-s390x-emu-2.02-12.39 is installed OR grub2-snapper-plugin-2.02-12.39 is installed OR grub2-systemd-sleep-plugin-2.02-12.39 is installed OR grub2-x86_64-efi-2.02-12.39 is installed OR grub2-x86_64-xen-2.02-12.39 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-ipaddress-1.0.18-3.13 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-loofah-2.0.2-3.5 is installed OR rubygem-loofah-2.0.2-3.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libxerces-c-3_1-3.1.1-13.3 is installed OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed OR xerces-c-3.1.1-13.3 is installed
BACK