Oval Definition:	oval:org.opensuse.security:def:60103
Revision Date: 2020-12-01 Version: 1 Title: Security update for openldap2 (Important) Description: This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND='ldap' was used (bsc#1172698). - Changed DB_CONFIG to root:ldap permissions (bsc#1172704). - Fixed an issue where slapd becomes unresponsive after many failed login/bind attempts(bsc#1170715). Family: unix Class: patch Status: Reference(s): 1023895 1052261 1054429 1055478 1070737 1076958 1101820 1111657 1112758 1113660 1120644 1122191 1138748 1149792 1160467 1160468 1170715 1171924 1172140 1172437 1172698 1172704 1173160 1174120 1177158 980486 981848 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-0405 CVE-2010-0750 CVE-2010-1146 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2011-0712 CVE-2011-1020 CVE-2011-1485 CVE-2011-1577 CVE-2011-2203 CVE-2011-2483 CVE-2012-0056 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-2850 CVE-2013-4288 CVE-2013-4312 CVE-2014-0038 CVE-2014-00691 CVE-2014-0196 CVE-2015-1350 CVE-2015-3218 CVE-2015-3255 CVE-2015-3256 CVE-2015-4625 CVE-2015-7833 CVE-2015-7884 CVE-2015-7885 CVE-2015-8709 CVE-2015-8812 CVE-2015-8964 CVE-2016-0617 CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-10200 CVE-2016-1237 CVE-2016-1583 CVE-2016-2117 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2847 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3713 CVE-2016-3951 CVE-2016-4470 CVE-2016-4482 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5412 CVE-2016-5696 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039 CVE-2016-7042 CVE-2016-7097 CVE-2016-7117 CVE-2016-7425 CVE-2016-7913 CVE-2016-7917 CVE-2016-8632 CVE-2016-8636 CVE-2016-8645 CVE-2016-8655 CVE-2016-8658 CVE-2016-8666 CVE-2016-9083 CVE-2016-9084 CVE-2016-9191 CVE-2016-9555 CVE-2016-9576 CVE-2016-9793 CVE-2016-9794 CVE-2016-9806 CVE-2016-9919 CVE-2017-1000364 CVE-2017-1000365 CVE-2017-1000380 CVE-2017-12424 CVE-2017-15107 CVE-2017-2583 CVE-2017-2584 CVE-2017-2596 CVE-2017-2636 CVE-2017-2671 CVE-2017-5551 CVE-2017-5576 CVE-2017-5577 CVE-2017-5897 CVE-2017-5970 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-7184 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7346 CVE-2017-7374 CVE-2017-7487 CVE-2017-7518 CVE-2017-7616 CVE-2017-7618 CVE-2017-8890 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9150 CVE-2017-9242 CVE-2018-10903 CVE-2018-16840 CVE-2018-16842 CVE-2018-20406 CVE-2019-14896 CVE-2019-14897 CVE-2019-15666 CVE-2019-5010 CVE-2020-10745 CVE-2020-10745 CVE-2020-10757 CVE-2020-14355 CVE-2020-8023 SUSE-SU-2017:2947-1 SUSE-SU-2018:3608-1 SUSE-SU-2019:0243-1 SUSE-SU-2019:1721-1 SUSE-SU-2020:1784-1 SUSE-SU-2020:2066-1 SUSE-SU-2020:3085-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND phpMyAdmin-4.8.4-32 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND squid-4.8-lp151.2.3 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-65.0.3467.62-lp151.2.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libldap-2_4-2-2.4.41-18.71 is installed OR libldap-2_4-2-32bit-2.4.41-18.71 is installed OR openldap2-2.4.41-18.71 is installed OR openldap2-back-meta-2.4.41-18.71 is installed OR openldap2-client-2.4.41-18.71 is installed OR openldap2-doc-2.4.41-18.71 is installed OR openldap2-ppolicy-check-password-1.2-18.71 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bzip2-1.0.6-29 is installed OR bzip2-doc-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.116 is installed OR kernel-default-base-4.4.180-94.116 is installed OR kernel-default-devel-4.4.180-94.116 is installed OR kernel-devel-4.4.180-94.116 is installed OR kernel-macros-4.4.180-94.116 is installed OR kernel-source-4.4.180-94.116 is installed OR kernel-syms-4.4.180-94.116 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information kernel-default-4.12.14-95.57 is installed OR kernel-default-base-4.12.14-95.57 is installed OR kernel-default-devel-4.12.14-95.57 is installed OR kernel-default-man-4.12.14-95.57 is installed OR kernel-devel-4.12.14-95.57 is installed OR kernel-macros-4.12.14-95.57 is installed OR kernel-source-4.12.14-95.57 is installed OR kernel-syms-4.12.14-95.57 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information dnsmasq-2.78-18.6 is installed OR dnsmasq-utils-2.78-18.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
BACK