Oval Definition:	oval:org.opensuse.security:def:60338
Revision Date: 2021-08-24 Version: 1 Title: Security update for python-PyYAML (Important) Description: This update for python-PyYAML fixes the following issues: - Update to 5.3.1. - CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. Family: unix Class: patch Status: Reference(s): 1043886 1086001 1088004 1088009 1091041 1107030 1118987 1119461 1119465 1121826 1131107 1138190 1146544 1146612 1150466 1150483 1152631 1153811 1154905 1155689 1155897 1155898 1156187 1157038 1157042 1157070 1157143 1157158 1157191 1157324 1157333 1157464 1158132 1158394 1158398 1158410 1158413 1158417 1158445 1158823 1158824 1158827 1158834 1158900 1158903 1158904 1158954 1160968 1162197 1162200 1164860 1172798 1172846 1173948 1173972 1174117 1174514 1174538 1174753 1174817 1175168 1177158 CVE-2011-0460 CVE-2011-0465 CVE-2011-1761 CVE-2012-1174 CVE-2013-4233 CVE-2013-4234 CVE-2013-4288 CVE-2014-0011 CVE-2014-8104 CVE-2014-8240 CVE-2015-0255 CVE-2016-10156 CVE-2016-6329 CVE-2016-7795 CVE-2017-7478 CVE-2017-7479 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2018-1060 CVE-2018-1061 CVE-2018-11805 CVE-2019-14895 CVE-2019-15213 CVE-2019-16231 CVE-2019-18660 CVE-2019-18680 CVE-2019-18683 CVE-2019-18805 CVE-2019-19052 CVE-2019-19062 CVE-2019-19065 CVE-2019-19073 CVE-2019-19074 CVE-2019-19332 CVE-2019-19338 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-6133 CVE-2020-13844 CVE-2020-13935 CVE-2020-14343 CVE-2020-14355 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-1930 CVE-2020-1931 CVE-2020-1935 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-6463 CVE-2020-6514 SUSE-SU-2018:0510-1 SUSE-SU-2018:2696-1 SUSE-SU-2019:2035-1 SUSE-SU-2019:3379-1 SUSE-SU-2020:0261-1 SUSE-SU-2020:0810-1 SUSE-SU-2020:2100-1 SUSE-SU-2020:2611-1 SUSE-SU-2020:3084-1 SUSE-SU-2020:3263-1 SUSE-SU-2021:2818-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dosbox-0.74.3-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information bind-9.11.2-lp151.11.3 is installed OR bind-chrootenv-9.11.2-lp151.11.3 is installed OR bind-devel-9.11.2-lp151.11.3 is installed OR bind-devel-32bit-9.11.2-lp151.11.3 is installed OR bind-doc-9.11.2-lp151.11.3 is installed OR bind-lwresd-9.11.2-lp151.11.3 is installed OR bind-utils-9.11.2-lp151.11.3 is installed OR libbind9-160-9.11.2-lp151.11.3 is installed OR libbind9-160-32bit-9.11.2-lp151.11.3 is installed OR libdns169-9.11.2-lp151.11.3 is installed OR libdns169-32bit-9.11.2-lp151.11.3 is installed OR libirs-devel-9.11.2-lp151.11.3 is installed OR libirs160-9.11.2-lp151.11.3 is installed OR libirs160-32bit-9.11.2-lp151.11.3 is installed OR libisc166-9.11.2-lp151.11.3 is installed OR libisc166-32bit-9.11.2-lp151.11.3 is installed OR libisccc160-9.11.2-lp151.11.3 is installed OR libisccc160-32bit-9.11.2-lp151.11.3 is installed OR libisccfg160-9.11.2-lp151.11.3 is installed OR libisccfg160-32bit-9.11.2-lp151.11.3 is installed OR liblwres160-9.11.2-lp151.11.3 is installed OR liblwres160-32bit-9.11.2-lp151.11.3 is installed OR python3-bind-9.11.2-lp151.11.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND kbd-1.15.5-8.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information adns-1.4-103.3 is installed OR libadns1-1.4-103.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gnome-shell-search-provider-nautilus-3.20.3-23.6 is installed OR libnautilus-extension1-3.20.3-23.6 is installed OR nautilus-3.20.3-23.6 is installed OR nautilus-lang-3.20.3-23.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND squid-3.5.21-26.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information MozillaFirefox-78.2.0-112.19 is installed OR MozillaFirefox-devel-78.2.0-112.19 is installed OR MozillaFirefox-translations-common-78.2.0-112.19 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND python-PyYAML-5.3.1-28.6.1 is installed OR python3-PyYAML-5.3.1-28.6.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-PyYAML-5.3.1-28.6.1 is installed OR python3-PyYAML-5.3.1-28.6.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-default-kgraft-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information perl-Mail-SpamAssassin-3.4.2-44.8 is installed OR spamassassin-3.4.2-44.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.9 is installed OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.6 is installed OR rubygem-actionview-4_2-4.2.9-9.9 is installed OR rubygem-activesupport-4_2-4.2.9-7.6 is installed
BACK