Oval Definition:oval:org.opensuse.security:def:60296
Revision Date:2021-06-23Version:1
Title:Security update for cryptctl (Important)
Description:

This update for cryptctl fixes the following issues:

Update to version 2.4:

- CVE-2019-18906: Client side password hashing was equivalent to clear text password storage (bsc#1186226) - First step to use plain text password instead of hashed password. - Move repository into the SUSE github organization - in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address - tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case - avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server.
Family:unixClass:patch
Status:Reference(s):1060031
1083630
1112852
1124194
1126230
1132879
1136082
1149496
1149792
1157607
1161096
1162553
1168930
1169605
1169786
1169936
1170302
1170741
1170939
1171670
1171921
1171960
1171961
1171963
1173027
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1178171
1186226
945190
CVE-2009-0316
CVE-2012-3547
CVE-2013-0157
CVE-2013-2131
CVE-2013-4282
CVE-2014-2015
CVE-2014-3577
CVE-2014-4607
CVE-2014-9114
CVE-2015-3247
CVE-2015-4680
CVE-2015-5218
CVE-2015-5260
CVE-2015-5261
CVE-2015-5262
CVE-2015-8763
CVE-2016-0749
CVE-2016-1248
CVE-2016-2150
CVE-2016-5011
CVE-2016-9577
CVE-2016-9578
CVE-2017-12627
CVE-2017-14604
CVE-2017-18922
CVE-2017-2616
CVE-2017-5953
CVE-2017-6349
CVE-2017-6350
CVE-2017-9148
CVE-2018-12389
CVE-2018-12390
CVE-2018-12392
CVE-2018-12393
CVE-2018-12395
CVE-2018-12396
CVE-2018-12397
CVE-2018-16838
CVE-2018-21247
CVE-2019-18906
CVE-2019-20839
CVE-2019-20840
CVE-2019-5482
CVE-2020-10753
CVE-2020-11008
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-14403
CVE-2020-14404
CVE-2020-5260
CVE-2020-8177
SUSE-SU-2018:2058-1
SUSE-SU-2018:3749-1
SUSE-SU-2019:1477-1
SUSE-SU-2019:2339-2
SUSE-SU-2020:1295-1
SUSE-SU-2020:1732-1
SUSE-SU-2020:1748-1
SUSE-SU-2020:2167-1
SUSE-SU-2020:2225-1
SUSE-SU-2020:3149-1
SUSE-SU-2021:2137-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • curl-7.60.0-lp150.2.18 is installed
  • OR curl-mini-7.60.0-lp150.2.18 is installed
  • OR libcurl-devel-7.60.0-lp150.2.18 is installed
  • OR libcurl-devel-32bit-7.60.0-lp150.2.18 is installed
  • OR libcurl-mini-devel-7.60.0-lp150.2.18 is installed
  • OR libcurl4-7.60.0-lp150.2.18 is installed
  • OR libcurl4-32bit-7.60.0-lp150.2.18 is installed
  • OR libcurl4-mini-7.60.0-lp150.2.18 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libnghttp2-14-1.39.2-lp151.3.3 is installed
  • OR libnghttp2-14-32bit-1.39.2-lp151.3.3 is installed
  • OR libnghttp2-devel-1.39.2-lp151.3.3 is installed
  • OR libnghttp2_asio-devel-1.39.2-lp151.3.3 is installed
  • OR libnghttp2_asio1-1.39.2-lp151.3.3 is installed
  • OR libnghttp2_asio1-32bit-1.39.2-lp151.3.3 is installed
  • OR nghttp2-1.39.2-lp151.3.3 is installed
  • OR nghttp2-python-1.39.2-lp151.3.3 is installed
  • OR python3-nghttp2-1.39.2-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • freeradius-server-3.0.14-1 is installed
  • OR freeradius-server-doc-3.0.14-1 is installed
  • OR freeradius-server-krb5-3.0.14-1 is installed
  • OR freeradius-server-ldap-3.0.14-1 is installed
  • OR freeradius-server-libs-3.0.14-1 is installed
  • OR freeradius-server-mysql-3.0.14-1 is installed
  • OR freeradius-server-perl-3.0.14-1 is installed
  • OR freeradius-server-postgresql-3.0.14-1 is installed
  • OR freeradius-server-python-3.0.14-1 is installed
  • OR freeradius-server-sqlite-3.0.14-1 is installed
  • OR freeradius-server-utils-3.0.14-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • git-2.26.2-27.36 is installed
  • OR git-core-2.26.2-27.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.31 is installed
  • OR libvncclient0-0.9.9-17.31 is installed
  • OR libvncserver0-0.9.9-17.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsoup-2.62.2-5.7 is installed
  • OR libsoup-2_4-1-2.62.2-5.7 is installed
  • OR libsoup-2_4-1-32bit-2.62.2-5.7 is installed
  • OR libsoup-lang-2.62.2-5.7 is installed
  • OR typelib-1_0-Soup-2_4-2.62.2-5.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cups-1.7.5-20.17 is installed
  • OR cups-client-1.7.5-20.17 is installed
  • OR cups-libs-1.7.5-20.17 is installed
  • OR cups-libs-32bit-1.7.5-20.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libX11-1.6.2-12.12 is installed
  • OR libX11-6-1.6.2-12.12 is installed
  • OR libX11-6-32bit-1.6.2-12.12 is installed
  • OR libX11-data-1.6.2-12.12 is installed
  • OR libX11-xcb1-1.6.2-12.12 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed
  • OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed
  • OR libwebkit2gtk3-lang-2.28.3-2.56 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed
  • OR webkit2gtk3-2.28.3-2.56 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND cryptctl-2.4-2.10.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND cryptctl-2.4-2.10.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND apache-commons-httpclient-3.1-6.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Django1-1.11.20-3.3 is installed
    • BACK