Oval Definition:	oval:org.opensuse.security:def:59993
Revision Date: 2020-12-01 Version: 1 Title: Security update for permissions (Moderate) Description: This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary (bsc#1093414). - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links (bsc#1150734). - Fixed a regression which caused segmentation fault (bsc#1157198). Family: unix Class: patch Status: Reference(s): 1012382 1015336 1015337 1015340 1019683 1019695 1020413 1020645 1023175 1027260 1027457 1031492 1042286 1043083 1046264 1047487 1048916 1050549 1065600 1066223 1068032 1070805 1072947 1078355 1078662 1079935 1080740 1084300 1086095 1086423 1086652 1091405 1093158 1093414 1094244 1094823 1094973 1096242 1096281 1099523 1099810 1100105 1101557 1102439 1102660 1102875 1102877 1102879 1102882 1102896 1103097 1103156 1103257 1103624 1104098 1104731 1105428 1106061 1106105 1106237 1106240 1106383 1106929 1106989 1106996 1107385 1107609 1107866 1108145 1108240 1109272 1109330 1109695 1109806 1110286 1111062 1111174 1111809 1112142 1112143 1112144 1112146 1112147 1112148 1112152 1112153 1112246 1112963 1113412 1113766 1114190 1114417 1114475 1114648 1114763 1114839 1114871 1114893 1115431 1115433 1115440 1115482 1115709 1116027 1116183 1116285 1116336 1116345 1116497 1116653 1116841 1116924 1116950 1116962 1117108 1117162 1117165 1117186 1117562 1117645 1117744 1118152 1118316 1118319 1118505 1118790 1118798 1118915 1118922 1118926 1118930 1118936 1119204 1119680 1119714 1119877 1119946 1119967 1119970 1120017 1120046 1120381 1120722 1120743 1120758 1120902 1120950 1121239 1121240 1121241 1121242 1121275 1121621 1121726 1122033 1122650 1122651 1122779 1122885 1123321 1123323 1123357 1123933 1124166 1124365 1124366 1124368 1124728 1124732 1124735 1124775 1124777 1124780 1124811 1124937 1125000 1125014 1125446 1125794 1125796 1125808 1125809 1125810 1125892 1128649 1129271 1129272 1130330 1131317 1132053 1132054 1132060 1133495 1139459 1150734 1151377 1151506 1152107 1154043 1154609 1155574 1156482 1157198 1159814 1160467 1160468 1162108 1171252 1171254 1173477 1173691 1173694 1173700 1173701 1173743 1173798 1173874 1173875 1173876 1173880 1174205 1174757 1175691 1176069 985031 CVE-2009-0945 CVE-2011-3193 CVE-2011-3630 CVE-2011-3631 CVE-2011-3632 CVE-2011-3922 CVE-2012-4929 CVE-2012-6093 CVE-2013-0254 CVE-2013-4549 CVE-2014-0190 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2017-18922 CVE-2018-1120 CVE-2018-13785 CVE-2018-16412 CVE-2018-16413 CVE-2018-16435 CVE-2018-16644 CVE-2018-16862 CVE-2018-16884 CVE-2018-19407 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-20467 CVE-2018-21247 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-5391 CVE-2018-7738 CVE-2018-9568 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-14896 CVE-2019-14897 CVE-2019-16746 CVE-2019-18197 CVE-2019-20839 CVE-2019-20840 CVE-2019-3459 CVE-2019-3460 CVE-2019-3688 CVE-2019-3688 CVE-2019-3690 CVE-2019-3690 CVE-2019-5418 CVE-2019-5419 CVE-2019-6212 CVE-2019-6215 CVE-2019-6216 CVE-2019-6217 CVE-2019-6226 CVE-2019-6227 CVE-2019-6229 CVE-2019-6233 CVE-2019-6234 CVE-2019-6974 CVE-2019-7175 CVE-2019-7221 CVE-2019-7222 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-9956 CVE-2020-12653 CVE-2020-12654 CVE-2020-14314 CVE-2020-14331 CVE-2020-14386 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-16166 CVE-2020-1712 SUSE-SU-2018:2071-1 SUSE-SU-2019:0057-1 SUSE-SU-2019:0541-1 SUSE-SU-2019:0915-1 SUSE-SU-2019:1033-1 SUSE-SU-2019:3180-1 SUSE-SU-2020:0331-1 SUSE-SU-2020:2167-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libthunarx-2-0-1.6.14-lp150.1 is installed OR thunar-1.6.14-lp150.1 is installed OR thunar-lang-1.6.14-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information update-test-32bit-pkg-5.1-lp151.12 is installed OR update-test-affects-package-manager-5.1-lp151.12 is installed OR update-test-broken-5.1-lp151.12 is installed OR update-test-feature-5.1-lp151.12 is installed OR update-test-interactive-5.1-lp151.12 is installed OR update-test-optional-5.1-lp151.12 is installed OR update-test-reboot-needed-5.1-lp151.12 is installed OR update-test-relogin-suggested-5.1-lp151.12 is installed OR update-test-security-5.1-lp151.12 is installed OR update-test-trivial-5.1-lp151.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND permissions-2015.09.28.1626-17.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND hardlink-1.0-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed OR libwebkit2gtk3-lang-2.28.2-2.53 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed OR webkit2gtk3-2.28.2-2.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND permissions-2015.09.28.1626-17.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND tcpdump-4.9.2-14.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information dovecot22-2.2.31-19.22 is installed OR dovecot22-backend-mysql-2.2.31-19.22 is installed OR dovecot22-backend-pgsql-2.2.31-19.22 is installed OR dovecot22-backend-sqlite-2.2.31-19.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-actionpack-4_2-4.2.9-7.6 is installed OR rubygem-actionpack-4_2-4.2.9-7.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information xorg-x11-server-1.19.6-4.11 is installed OR xorg-x11-server-extra-1.19.6-4.11 is installed
BACK