Oval Definition:oval:org.opensuse.security:def:60238
Revision Date:2021-04-26Version:1
Title:Security update for apache-commons-io (Moderate)
Description:

This update for apache-commons-io fixes the following issues:

- CVE-2021-29425: Limited path traversal when invoking the method FileNameUtils.normalize with an improper input string (bsc#1184755).
Family:unixClass:patch
Status:Reference(s):1047044
1047898
1050120
1050606
1051446
1052468
1052550
1052710
1052720
1052731
1052732
1055065
1055323
1055434
1055855
1058640
1059751
1068689
1074123
1074969
1074973
1074975
1089039
1101246
1101470
1104789
1106197
1115034
1133719
1136085
1138301
1138303
1138734
1142772
1145692
1154862
1159723
1159729
1164825
1171186
1171928
1173455
1184755
997043
CVE-2008-4225
CVE-2008-4226
CVE-2008-4409
CVE-2009-0035
CVE-2010-4494
CVE-2011-1944
CVE-2011-2895
CVE-2012-5134
CVE-2013-0338
CVE-2013-1969
CVE-2013-6462
CVE-2014-0191
CVE-2014-0209
CVE-2014-0210
CVE-2014-0211
CVE-2014-3660
CVE-2014-4910
CVE-2014-5044
CVE-2014-9273
CVE-2015-1802
CVE-2015-1803
CVE-2015-1804
CVE-2015-1819
CVE-2015-5276
CVE-2015-5312
CVE-2015-7497
CVE-2015-7498
CVE-2015-7499
CVE-2015-7500
CVE-2015-7941
CVE-2015-7942
CVE-2015-8035
CVE-2015-8241
CVE-2015-8242
CVE-2015-8317
CVE-2015-8710
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
CVE-2016-4658
CVE-2016-9318
CVE-2016-9597
CVE-2017-0663
CVE-2017-10800
CVE-2017-11141
CVE-2017-11529
CVE-2017-11644
CVE-2017-11724
CVE-2017-12434
CVE-2017-12564
CVE-2017-12667
CVE-2017-12670
CVE-2017-12672
CVE-2017-12675
CVE-2017-13060
CVE-2017-13146
CVE-2017-13648
CVE-2017-13658
CVE-2017-14326
CVE-2017-14533
CVE-2017-16852
CVE-2017-17881
CVE-2017-18022
CVE-2017-5838
CVE-2017-5969
CVE-2017-7375
CVE-2017-7376
CVE-2017-9047
CVE-2017-9048
CVE-2017-9049
CVE-2017-9050
CVE-2018-0737
CVE-2018-5246
CVE-2018-5247
CVE-2019-0221
CVE-2019-1010180
CVE-2019-10161
CVE-2019-10167
CVE-2019-12418
CVE-2019-17498
CVE-2019-17563
CVE-2019-17569
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-15049
CVE-2020-6831
CVE-2020-9484
CVE-2021-29425
SUSE-SU-2017:3215-1
SUSE-SU-2018:0130-1
SUSE-SU-2018:2928-1
SUSE-SU-2019:2227-2
SUSE-SU-2019:2916-1
SUSE-SU-2019:2936-1
SUSE-SU-2020:1218-1
SUSE-SU-2020:1498-1
SUSE-SU-2020:1946-1
SUSE-SU-2021:1315-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libtasn1-4.13-lp151.4.3 is installed
  • OR libtasn1-6-4.13-lp151.4.3 is installed
  • OR libtasn1-6-32bit-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-32bit-4.13-lp151.4.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • containerd-1.2.6-lp151.2.6 is installed
  • OR containerd-ctr-1.2.6-lp151.2.6 is installed
  • OR docker-19.03.1_ce-lp151.2.12 is installed
  • OR docker-bash-completion-19.03.1_ce-lp151.2.12 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6 is installed
  • OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6 is installed
  • OR docker-test-19.03.1_ce-lp151.2.12 is installed
  • OR docker-zsh-completion-19.03.1_ce-lp151.2.12 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR alsa-docs-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • tomcat-8.0.53-29.27 is installed
  • OR tomcat-admin-webapps-8.0.53-29.27 is installed
  • OR tomcat-docs-webapp-8.0.53-29.27 is installed
  • OR tomcat-el-3_0-api-8.0.53-29.27 is installed
  • OR tomcat-javadoc-8.0.53-29.27 is installed
  • OR tomcat-jsp-2_3-api-8.0.53-29.27 is installed
  • OR tomcat-lib-8.0.53-29.27 is installed
  • OR tomcat-servlet-3_1-api-8.0.53-29.27 is installed
  • OR tomcat-webapps-8.0.53-29.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • MozillaFirefox-60.3.0-109.50 is installed
  • OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-38.8 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND apache-commons-io-2.4-9.3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND apache-commons-io-2.4-9.3.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-68.8.0-109.119 is installed
  • OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND squid-3.5.21-26.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • libfreebl3-3.53.1-58.48 is installed
  • OR libfreebl3-32bit-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-3.53.1-58.48 is installed
  • OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-3.53.1-58.48 is installed
  • OR libsoftokn3-32bit-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-3.53.1-58.48 is installed
  • OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed
  • OR mozilla-nspr-4.25-19.15 is installed
  • OR mozilla-nspr-32bit-4.25-19.15 is installed
  • OR mozilla-nspr-devel-4.25-19.15 is installed
  • OR mozilla-nss-3.53.1-58.48 is installed
  • OR mozilla-nss-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-3.53.1-58.48 is installed
  • OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-devel-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-3.53.1-58.48 is installed
  • OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed
  • OR mozilla-nss-tools-3.53.1-58.48 is installed
    • BACK