Oval Definition:	oval:org.opensuse.security:def:60305
Revision Date: 2021-07-09 Version: 1 Title: Security update for permissions (Moderate) Description: This update for permissions fixes the following issues: * - Fork package for 12-SP5 (bsc#1155939) - make btmp root:utmp (bsc#1050467, bsc#1182899) - pcp: remove no longer needed / conflicting entries (bsc#1171883). Fixes a potential security issue. - do not follow symlinks that are the final path element (CVE-2020-8013, bsc#1163922) - fix handling of relative directory symlinks in chkstat - whitelist postgres sticky directories (bsc#1123886) - fix regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594) - fix capability handling when doing multiple permission changes at once (bsc#1161779, - fix invalid free() when permfiles points to argv (bsc#1157198) - the eror should be reported for permfiles[i], not argv[i], as these are not the same files. (bsc#1047247, bsc#1097665) - fix /usr/sbin/pinger ownership to root:squid (bsc#1093414, CVE-2019-3688) - fix privilege escalation through untrusted symlinks (bsc#1150734, CVE-2019-3690) Family: unix Class: patch Status: Reference(s): 1032138 1032230 1040643 1043983 1047247 1048072 1050467 1050879 1050887 1050888 1050889 1050891 1051184 1055265 1056286 1056782 1058754 1058755 1058757 1062452 1069607 1069632 1073002 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1087433 1087434 1087436 1087437 1087440 1087441 1093414 1097665 1100365 1112530 1112532 1123886 1127027 1128481 1130611 1130617 1130620 1130622 1130623 1130627 1132826 1136570 1141798 1142058 1143215 1150734 1152990 1152992 1152994 1152995 1155939 1157198 1160594 1160764 1161779 1163922 1167231 1171517 1171883 1171924 1172275 1173377 1173378 1173380 1173576 1173613 1174157 1174633 1174635 1174638 1175259 1182899 CVE-2009-2285 CVE-2009-2347 CVE-2010-2065 CVE-2010-2067 CVE-2010-2233 CVE-2010-3170 CVE-2010-4665 CVE-2011-0192 CVE-2011-1167 CVE-2011-2186 CVE-2011-3389 CVE-2011-3640 CVE-2012-1173 CVE-2012-2113 CVE-2012-3401 CVE-2012-4024 CVE-2012-4025 CVE-2012-4564 CVE-2013-0743 CVE-2013-0791 CVE-2013-1620 CVE-2013-1739 CVE-2013-1740 CVE-2013-1960 CVE-2013-1961 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2013-5605 CVE-2014-1492 CVE-2014-1568 CVE-2014-1569 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9390 CVE-2014-9655 CVE-2015-0254 CVE-2015-1547 CVE-2015-4000 CVE-2015-7181 CVE-2015-7182 CVE-2015-7554 CVE-2015-7575 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-9096 CVE-2016-10219 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-10317 CVE-2016-1938 CVE-2016-1950 CVE-2016-1978 CVE-2016-1979 CVE-2016-2315 CVE-2016-2324 CVE-2016-2339 CVE-2016-2834 CVE-2016-3186 CVE-2016-3622 CVE-2016-3623 CVE-2016-3658 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5285 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5875 CVE-2016-6354 CVE-2016-7798 CVE-2016-8635 CVE-2016-9074 CVE-2016-9273 CVE-2016-9297 CVE-2016-9448 CVE-2016-9453 CVE-2016-9574 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-11714 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-2581 CVE-2017-2586 CVE-2017-2587 CVE-2017-5225 CVE-2017-8386 CVE-2017-9216 CVE-2017-9228 CVE-2017-9229 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-14348 CVE-2018-16395 CVE-2018-16396 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-17639 CVE-2019-2614 CVE-2019-2627 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2805 CVE-2019-3688 CVE-2019-3690 CVE-2019-3860 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2020-10663 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-15563 CVE-2020-15565 CVE-2020-15567 CVE-2020-8013 SUSE-SU-2018:0407-1 SUSE-SU-2018:2143-1 SUSE-SU-2019:1606-2 SUSE-SU-2019:2461-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:1886-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:2331-1 SUSE-SU-2020:2461-1 SUSE-SU-2020:3343-1 SUSE-SU-2021:2280-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libruby2_5-2_5-2.5.5-lp151.4.3 is installed OR ruby-bundled-gems-rpmhelper-0.0.2-lp151.2 is installed OR ruby2.5-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-extra-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-ri-2.5.5-lp151.4.3 is installed OR ruby2.5-stdlib-2.5.5-lp151.4.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND putty-0.73-lp151.3.6 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND git-core-2.12.3-26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libruby2_1-2_1-2.1.9-19.3 is installed OR ruby2.1-2.1.9-19.3 is installed OR ruby2.1-stdlib-2.1.9-19.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information xorg-x11-server-7.6_1.18.3-76.26 is installed OR xorg-x11-server-extra-7.6_1.18.3-76.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libgcrypt-1.6.1-16.58 is installed OR libgcrypt20-1.6.1-16.58 is installed OR libgcrypt20-32bit-1.6.1-16.58 is installed OR libgcrypt20-hmac-1.6.1-16.58 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.58 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dhcp-4.3.3-10.14 is installed OR dhcp-client-4.3.3-10.14 is installed OR dhcp-relay-4.3.3-10.14 is installed OR dhcp-server-4.3.3-10.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND squid-3.5.21-26.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information libX11-1.6.2-12.12 is installed OR libX11-6-1.6.2-12.12 is installed OR libX11-6-32bit-1.6.2-12.12 is installed OR libX11-data-1.6.2-12.12 is installed OR libX11-xcb1-1.6.2-12.12 is installed OR libX11-xcb1-32bit-1.6.2-12.12 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND permissions-20170707-6.4.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND permissions-20170707-6.4.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libmysqlclient18-10.0.40.1-29.32 is installed OR mariadb-10.0.40.1-29.32 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libecpg6-12.4-3.5 is installed OR libpq5-12.4-3.5 is installed OR libpq5-32bit-12.4-3.5 is installed OR postgresql-12.0.1-4.4 is installed OR postgresql-contrib-12.0.1-4.4 is installed OR postgresql-docs-12.0.1-4.4 is installed OR postgresql-plperl-12.0.1-4.4 is installed OR postgresql-plpython-12.0.1-4.4 is installed OR postgresql-pltcl-12.0.1-4.4 is installed OR postgresql-server-12.0.1-4.4 is installed OR postgresql10-10.14-4.4 is installed OR postgresql10-contrib-10.14-4.4 is installed OR postgresql10-docs-10.14-4.4 is installed OR postgresql10-plperl-10.14-4.4 is installed OR postgresql10-plpython-10.14-4.4 is installed OR postgresql10-pltcl-10.14-4.4 is installed OR postgresql10-server-10.14-4.4 is installed OR postgresql12-12.4-3.5 is installed OR postgresql96-9.6.19-6.4 is installed OR postgresql96-contrib-9.6.19-6.4 is installed OR postgresql96-docs-9.6.19-6.4 is installed OR postgresql96-plperl-9.6.19-6.4 is installed OR postgresql96-plpython-9.6.19-6.4 is installed OR postgresql96-pltcl-9.6.19-6.4 is installed OR postgresql96-server-9.6.19-6.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.25-3.19 is installed OR mariadb-galera-10.2.25-3.19 is installed
BACK