OVAL Reference oval:org.opensuse.security:def:60123

Oval Definition:

oval:org.opensuse.security:def:60123

Revision Date:	2020-12-01	Version:	1
Title:	Security update for LibVNCServer (Important)
Description:	This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock() fix CVE-2019-20840 [bsc#1173876], unaligned accesses in hybiReadAndDecode can lead to denial of service fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14403 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14404 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2017-18922 [bsc#1173477], preauth buffer overwrite
Family:	unix	Class:	patch
Status:		Reference(s):	1070500 1071905 1071906 1091396 1105010 1108818 1118159 1120657 1122053 1122825 1124170 1128382 1128453 1128783 1129729 1132654 1132852 1133719 1134495 1134589 1136569 1137377 1137817 1138124 1138187 1138489 1138967 1139750 1140512 1140663 1142032 1142521 1142686 1143310 1153332 1154212 1158442 1160467 1160468 1160968 1162972 1163102 1163103 1163104 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1174633 1174635 1174638 1176579 964336 CVE-2010-4352 CVE-2012-2150 CVE-2012-2396 CVE-2012-3524 CVE-2013-1986 CVE-2013-2168 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3540 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-7824 CVE-2014-8148 CVE-2015-0245 CVE-2015-3448 CVE-2016-7947 CVE-2016-7948 CVE-2017-17051 CVE-2017-18922 CVE-2017-3737 CVE-2017-3738 CVE-2018-15473 CVE-2018-16301 CVE-2018-21247 CVE-2019-14896 CVE-2019-14897 CVE-2019-15165 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-17631 CVE-2019-20839 CVE-2019-20840 CVE-2019-2933 CVE-2019-2945 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2996 CVE-2019-2999 CVE-2019-9735 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-1472 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 SUSE-SU-2017:3343-1 SUSE-SU-2018:3910-1 SUSE-SU-2019:2219-1 SUSE-SU-2019:2669-1 SUSE-SU-2020:0024-1 SUSE-SU-2020:0488-1 SUSE-SU-2020:2331-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND yast2-rmt-1.2.2-lp150.2.19 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.3 is installed OR bzip2-doc-1.0.6-lp151.5.3 is installed OR libbz2-1-1.0.6-lp151.5.3 is installed OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed OR libbz2-devel-1.0.6-lp151.5.3 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gdk-pixbuf-2.34.0-19.17 is installed OR gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.15 is installed OR crowbar-core-5.0+git.1565280360.01fed6905-3.26 is installed OR crowbar-core-branding-upstream-5.0+git.1565280360.01fed6905-3.26 is installed OR crowbar-ha-5.0+git.1562069707.e2de18c-3.20 is installed OR crowbar-openstack-5.0+git.1565270683.ea6e63d87-4.28 is installed OR crowbar-ui-1.2.0+git.1563181545.65360af5-3.9 is installed OR documentation-suse-openstack-cloud-deployment-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-supplement-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-upstream-admin-8.20190805-1.20 is installed OR documentation-suse-openstack-cloud-upstream-user-8.20190805-1.20 is installed OR galera-python-clustercheck-0.0+git.1562242499.36b8b64-4.6 is installed OR grafana-monasca-ui-drilldown-1.8.1~dev39-3.9 is installed OR openstack-cinder-11.2.3~dev7-3.18 is installed OR openstack-cinder-api-11.2.3~dev7-3.18 is installed OR openstack-cinder-backup-11.2.3~dev7-3.18 is installed OR openstack-cinder-doc-11.2.3~dev7-3.18 is installed OR openstack-cinder-scheduler-11.2.3~dev7-3.18 is installed OR openstack-cinder-volume-11.2.3~dev7-3.18 is installed OR openstack-glance-15.0.3~dev2-3.9 is installed OR openstack-glance-api-15.0.3~dev2-3.9 is installed OR openstack-glance-doc-15.0.3~dev2-3.9 is installed OR openstack-glance-registry-15.0.3~dev2-3.9 is installed OR openstack-heat-9.0.8~dev11-3.21 is installed OR openstack-heat-api-9.0.8~dev11-3.21 is installed OR openstack-heat-api-cfn-9.0.8~dev11-3.21 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev11-3.21 is installed OR openstack-heat-doc-9.0.8~dev11-3.21 is installed OR openstack-heat-engine-9.0.8~dev11-3.21 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev11-3.21 is installed OR openstack-heat-test-9.0.8~dev11-3.21 is installed OR openstack-horizon-plugin-monasca-ui-1.8.1~dev39-3.9 is installed OR openstack-horizon-plugin-neutron-fwaas-ui-1.0.1~dev9-4.6 is installed OR openstack-ironic-9.1.8~dev7-3.21 is installed OR openstack-ironic-api-9.1.8~dev7-3.21 is installed OR openstack-ironic-conductor-9.1.8~dev7-3.21 is installed OR openstack-ironic-doc-9.1.8~dev7-3.21 is installed OR openstack-keystone-12.0.4~dev2-5.22 is installed OR openstack-keystone-doc-12.0.4~dev2-5.22 is installed OR openstack-manila-5.1.1~dev2-3.18 is installed OR openstack-manila-api-5.1.1~dev2-3.18 is installed OR openstack-manila-data-5.1.1~dev2-3.18 is installed OR openstack-manila-doc-5.1.1~dev2-3.18 is installed OR openstack-manila-scheduler-5.1.1~dev2-3.18 is installed OR openstack-manila-share-5.1.1~dev2-3.18 is installed OR openstack-monasca-agent-2.2.5~dev5-3.12 is installed OR openstack-monasca-api-2.2.2~dev1-3.15 is installed OR openstack-monasca-persister-1.7.1~dev10-3.9 is installed OR openstack-monasca-persister-java-1.7.1~a0~dev2-3.3 is installed OR openstack-murano-4.0.2~dev2-3.9 is installed OR openstack-murano-api-4.0.2~dev2-3.9 is installed OR openstack-murano-doc-4.0.2~dev2-3.9 is installed OR openstack-murano-engine-4.0.2~dev2-3.9 is installed OR openstack-neutron-11.0.9~dev42-3.21 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-doc-11.0.9~dev42-3.21 is installed OR openstack-neutron-gbp-7.3.1~dev45-3.6 is installed OR openstack-neutron-ha-tool-11.0.9~dev42-3.21 is installed OR openstack-neutron-l3-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-lbaas-11.0.4~dev6-3.12 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.12 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.12 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-metadata-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-metering-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev42-3.21 is installed OR openstack-neutron-server-11.0.9~dev42-3.21 is installed OR openstack-nova-16.1.9~dev4-3.26 is installed OR openstack-nova-api-16.1.9~dev4-3.26 is installed OR openstack-nova-cells-16.1.9~dev4-3.26 is installed OR openstack-nova-compute-16.1.9~dev4-3.26 is installed OR openstack-nova-conductor-16.1.9~dev4-3.26 is installed OR openstack-nova-console-16.1.9~dev4-3.26 is installed OR openstack-nova-consoleauth-16.1.9~dev4-3.26 is installed OR openstack-nova-doc-16.1.9~dev4-3.26 is installed OR openstack-nova-novncproxy-16.1.9~dev4-3.26 is installed OR openstack-nova-placement-api-16.1.9~dev4-3.26 is installed OR openstack-nova-scheduler-16.1.9~dev4-3.26 is installed OR openstack-nova-serialproxy-16.1.9~dev4-3.26 is installed OR openstack-nova-vncproxy-16.1.9~dev4-3.26 is installed OR openstack-octavia-1.0.6~dev2-4.18 is installed OR openstack-octavia-amphora-agent-1.0.6~dev2-4.18 is installed OR openstack-octavia-api-1.0.6~dev2-4.18 is installed OR openstack-octavia-health-manager-1.0.6~dev2-4.18 is installed OR openstack-octavia-housekeeping-1.0.6~dev2-4.18 is installed OR openstack-octavia-worker-1.0.6~dev2-4.18 is installed OR python-cinder-11.2.3~dev7-3.18 is installed OR python-glance-15.0.3~dev2-3.9 is installed OR python-heat-9.0.8~dev11-3.21 is installed OR python-horizon-plugin-monasca-ui-1.8.1~dev39-3.9 is installed OR python-horizon-plugin-neutron-fwaas-ui-1.0.1~dev9-4.6 is installed OR python-ironic-9.1.8~dev7-3.21 is installed OR python-keystone-12.0.4~dev2-5.22 is installed OR python-manila-5.1.1~dev2-3.18 is installed OR python-monasca-agent-2.2.5~dev5-3.12 is installed OR python-monasca-api-2.2.2~dev1-3.15 is installed OR python-monasca-persister-1.7.1~dev10-3.9 is installed OR python-murano-4.0.2~dev2-3.9 is installed OR python-neutron-11.0.9~dev42-3.21 is installed OR python-neutron-gbp-7.3.1~dev45-3.6 is installed OR python-neutron-lbaas-11.0.4~dev6-3.12 is installed OR python-nova-16.1.9~dev4-3.26 is installed OR python-octavia-1.0.6~dev2-4.18 is installed OR python-oslo.db-4.25.2-3.6 is installed OR python-osprofiler-1.11.1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libxerces-c-3_1-3.1.1-13.3 is installed OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed OR xerces-c-3.1.1-13.3 is installed

BACK