Oval Definition:oval:org.opensuse.security:def:60661
Revision Date:2020-12-01Version:1
Title:Security update for clamav (Moderate)
Description:

This update for clamav fixes the following issues:

Security issue fixed:

- CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504). - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458).

Non-security issues fixed:

- Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504). - Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839).
Family:unixClass:patch
Status:Reference(s):1027519
1051643
1051644
1054171
1065729
1091107
1099497
1103276
1109412
1109413
1109414
1111996
1112534
1112535
1113247
1113252
1113255
1116827
1118830
1118831
1120640
1121034
1121035
1121056
1122706
1133131
1133232
1141913
1142772
1144504
1145092
1146351
1149458
1149652
1151839
1152457
1160968
1162002
1162972
1164910
1167890
1168404
1168407
1168422
1168930
1169066
1170011
1170618
1170771
1171078
1171189
1171191
1171220
1171732
1171988
1172453
1172458
1172775
1172999
1173280
1173658
1173998
1174115
1174462
1174543
1176756
1177872
CVE-2017-1000100
CVE-2017-1000101
CVE-2017-7555
CVE-2018-1000876
CVE-2018-10860
CVE-2018-17358
CVE-2018-17359
CVE-2018-17360
CVE-2018-17985
CVE-2018-18309
CVE-2018-18483
CVE-2018-18484
CVE-2018-18605
CVE-2018-18606
CVE-2018-18607
CVE-2018-19931
CVE-2018-19932
CVE-2018-20623
CVE-2018-20651
CVE-2018-20671
CVE-2018-3646
CVE-2019-1010180
CVE-2019-10208
CVE-2019-12625
CVE-2019-12900
CVE-2019-20810
CVE-2019-20812
CVE-2019-3813
CVE-2019-4732
CVE-2020-0305
CVE-2020-10135
CVE-2020-10711
CVE-2020-10732
CVE-2020-10751
CVE-2020-10773
CVE-2020-12243
CVE-2020-12771
CVE-2020-13753
CVE-2020-13974
CVE-2020-14416
CVE-2020-15683
CVE-2020-15969
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
CVE-2020-2583
CVE-2020-2593
CVE-2020-2604
CVE-2020-2659
CVE-2020-3898
CVE-2020-5260
CVE-2020-9802
CVE-2020-9803
CVE-2020-9805
CVE-2020-9806
CVE-2020-9807
CVE-2020-9843
CVE-2020-9850
SUSE-SU-2017:2174-1
SUSE-SU-2018:0650-1
SUSE-SU-2019:0241-1
SUSE-SU-2019:2159-1
SUSE-SU-2019:2650-1
SUSE-SU-2019:3066-1
SUSE-SU-2020:0528-1
SUSE-SU-2020:1193-1
SUSE-SU-2020:1272-1
SUSE-SU-2020:2069-1
SUSE-SU-2020:2152-1
SUSE-SU-2020:3053-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-lp150.2.12 is installed
  • OR ImageMagick-devel-7.0.7.34-lp150.2.12 is installed
  • OR ImageMagick-devel-32bit-7.0.7.34-lp150.2.12 is installed
  • OR ImageMagick-doc-7.0.7.34-lp150.2.12 is installed
  • OR ImageMagick-extra-7.0.7.34-lp150.2.12 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.12 is installed
  • OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.12 is installed
  • OR libMagick++-devel-7.0.7.34-lp150.2.12 is installed
  • OR libMagick++-devel-32bit-7.0.7.34-lp150.2.12 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.12 is installed
  • OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.12 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.12 is installed
  • OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.12 is installed
  • OR perl-PerlMagick-7.0.7.34-lp150.2.12 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libnetpbm-devel-10.80.1-lp151.4.3 is installed
  • OR libnetpbm11-10.80.1-lp151.4.3 is installed
  • OR libnetpbm11-32bit-10.80.1-lp151.4.3 is installed
  • OR netpbm-10.80.1-lp151.4.3 is installed
  • OR netpbm-vulnerable-10.80.1-lp151.4.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libwireshark13-3.2.5-lp152.2.3 is installed
  • OR libwiretap10-3.2.5-lp152.2.3 is installed
  • OR libwsutil11-3.2.5-lp152.2.3 is installed
  • OR wireshark-3.2.5-lp152.2.3 is installed
  • OR wireshark-devel-3.2.5-lp152.2.3 is installed
  • OR wireshark-ui-qt-3.2.5-lp152.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • curl-7.37.0-37.3 is installed
  • OR libcurl4-7.37.0-37.3 is installed
  • OR libcurl4-32bit-7.37.0-37.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • cups-1.7.5-20.29 is installed
  • OR cups-client-1.7.5-20.29 is installed
  • OR cups-libs-1.7.5-20.29 is installed
  • OR cups-libs-32bit-1.7.5-20.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libldap-2_4-2-2.4.41-18.68 is installed
  • OR libldap-2_4-2-32bit-2.4.41-18.68 is installed
  • OR openldap2-2.4.41-18.68 is installed
  • OR openldap2-back-meta-2.4.41-18.68 is installed
  • OR openldap2-client-2.4.41-18.68 is installed
  • OR openldap2-doc-2.4.41-18.68 is installed
  • OR openldap2-ppolicy-check-password-1.2-18.68 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND perl-Archive-Zip-1.34-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND clamav-0.100.3-33.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • ansible1-1.9.6-9.3 is installed
  • OR ardana-ansible-9.0+git.1568385829.54601ac-3.10 is installed
  • OR ardana-cluster-9.0+git.1568150980.027f167-3.10 is installed
  • OR ardana-db-9.0+git.1568382922.6f2cea4-3.10 is installed
  • OR ardana-extensions-nsx-9.0+git.1568830037.2eea267-11 is installed
  • OR ardana-glance-9.0+git.1567000146.4569d10-3.10 is installed
  • OR ardana-input-model-9.0+git.1566409257.eec6360-3.10 is installed
  • OR ardana-installer-ui-9.0+git.1569535129.ca87ef0-3.10 is installed
  • OR ardana-manila-9.0+git.1568835830.10c9689-3.6 is installed
  • OR ardana-monasca-9.0+git.1567695427.5974ab2-3.10 is installed
  • OR ardana-neutron-9.0+git.1568817582.a4813e2-3.10 is installed
  • OR ardana-nova-9.0+git.1567630824.aa6dc2d-3.10 is installed
  • OR ardana-octavia-9.0+git.1568362662.7fba216-3.10 is installed
  • OR ardana-opsconsole-ui-9.0+git.1566593422.813e56c-4.10 is installed
  • OR ardana-osconfig-9.0+git.1567630791.5ca70a6-3.10 is installed
  • OR ardana-service-9.0+git.1569439941.6800991-3.10 is installed
  • OR ardana-tls-9.0+git.1569257240.456c4fc-3.6 is installed
  • OR grafana-6.2.5-3.6 is installed
  • OR grafana-monasca-ui-drilldown-1.14.1~dev9-3.6 is installed
  • OR novnc-1.1.0-3.3 is installed
  • OR openstack-cinder-13.0.7~dev16-3.10 is installed
  • OR openstack-cinder-api-13.0.7~dev16-3.10 is installed
  • OR openstack-cinder-backup-13.0.7~dev16-3.10 is installed
  • OR openstack-cinder-scheduler-13.0.7~dev16-3.10 is installed
  • OR openstack-cinder-volume-13.0.7~dev16-3.10 is installed
  • OR openstack-dashboard-14.0.4~dev11-3.6 is installed
  • OR openstack-designate-7.0.1~dev22-3.10 is installed
  • OR openstack-designate-agent-7.0.1~dev22-3.10 is installed
  • OR openstack-designate-api-7.0.1~dev22-3.10 is installed
  • OR openstack-designate-central-7.0.1~dev22-3.10 is installed
  • OR openstack-designate-producer-7.0.1~dev22-3.10 is installed
  • OR openstack-designate-sink-7.0.1~dev22-3.10 is installed
  • OR openstack-designate-worker-7.0.1~dev22-3.10 is installed
  • OR openstack-glance-17.0.1~dev30-3.3 is installed
  • OR openstack-glance-api-17.0.1~dev30-3.3 is installed
  • OR openstack-heat-11.0.3~dev23-3.10 is installed
  • OR openstack-heat-api-11.0.3~dev23-3.10 is installed
  • OR openstack-heat-api-cfn-11.0.3~dev23-3.10 is installed
  • OR openstack-heat-engine-11.0.3~dev23-3.10 is installed
  • OR openstack-heat-plugin-heat_docker-11.0.3~dev23-3.10 is installed
  • OR openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed
  • OR openstack-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed
  • OR openstack-ironic-11.1.4~dev15-3.10 is installed
  • OR openstack-ironic-api-11.1.4~dev15-3.10 is installed
  • OR openstack-ironic-conductor-11.1.4~dev15-3.10 is installed
  • OR openstack-ironic-python-agent-3.3.3~dev5-3.10 is installed
  • OR openstack-keystone-14.1.1~dev16-3.10 is installed
  • OR openstack-manila-7.3.1~dev6-4.10 is installed
  • OR openstack-manila-api-7.3.1~dev6-4.10 is installed
  • OR openstack-manila-data-7.3.1~dev6-4.10 is installed
  • OR openstack-manila-scheduler-7.3.1~dev6-4.10 is installed
  • OR openstack-manila-share-7.3.1~dev6-4.10 is installed
  • OR openstack-neutron-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-dhcp-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-gbp-5.0.1~dev472-3.10 is installed
  • OR openstack-neutron-ha-tool-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-l3-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-linuxbridge-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-macvtap-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-metadata-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-metering-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-openvswitch-agent-13.0.5~dev50-3.10 is installed
  • OR openstack-neutron-server-13.0.5~dev50-3.10 is installed
  • OR openstack-nova-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-api-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-cells-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-compute-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-conductor-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-console-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-novncproxy-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-placement-api-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-scheduler-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-serialproxy-18.2.3~dev22-3.10 is installed
  • OR openstack-nova-vncproxy-18.2.3~dev22-3.10 is installed
  • OR openstack-octavia-3.1.2~dev45-3.10 is installed
  • OR openstack-octavia-amphora-agent-3.1.2~dev45-3.10 is installed
  • OR openstack-octavia-api-3.1.2~dev45-3.10 is installed
  • OR openstack-octavia-health-manager-3.1.2~dev45-3.10 is installed
  • OR openstack-octavia-housekeeping-3.1.2~dev45-3.10 is installed
  • OR openstack-octavia-worker-3.1.2~dev45-3.10 is installed
  • OR openstack-sahara-9.0.2~dev12-3.3 is installed
  • OR openstack-sahara-api-9.0.2~dev12-3.3 is installed
  • OR openstack-sahara-engine-9.0.2~dev12-3.3 is installed
  • OR openstack-tempest-19.0.0-15 is installed
  • OR openstack-tempest-test-19.0.0-15 is installed
  • OR openstack-watcher-1.12.1~dev19-4.3 is installed
  • OR openstack-watcher-doc-1.12.1~dev19-4.3 is installed
  • OR python-ardana-configurationprocessor-9.0+git.1568955483.5f039e4-3.11 is installed
  • OR python-cinder-13.0.7~dev16-3.10 is installed
  • OR python-cinder-tempest-plugin-0.1.0-11 is installed
  • OR python-designate-7.0.1~dev22-3.10 is installed
  • OR python-glance-17.0.1~dev30-3.3 is installed
  • OR python-heat-11.0.3~dev23-3.10 is installed
  • OR python-horizon-14.0.4~dev11-3.6 is installed
  • OR python-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed
  • OR python-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed
  • OR python-ironic-11.1.4~dev15-3.10 is installed
  • OR python-keystone-14.1.1~dev16-3.10 is installed
  • OR python-manila-7.3.1~dev6-4.10 is installed
  • OR python-neutron-13.0.5~dev50-3.10 is installed
  • OR python-neutron-gbp-5.0.1~dev472-3.10 is installed
  • OR python-nova-18.2.3~dev22-3.10 is installed
  • OR python-octavia-3.1.2~dev45-3.10 is installed
  • OR python-openstack_auth-14.0.4~dev11-3.6 is installed
  • OR python-sahara-9.0.2~dev12-3.3 is installed
  • OR python-tempest-19.0.0-15 is installed
  • OR python-urllib3-1.23-3.9 is installed
  • OR python-watcher-1.12.1~dev19-4.3 is installed
  • OR venv-openstack-barbican-7.0.1~dev18-3.9 is installed
  • OR venv-openstack-barbican-x86_64-7.0.1~dev18-3.9 is installed
  • OR venv-openstack-cinder-13.0.7~dev16-3.9 is installed
  • OR venv-openstack-cinder-x86_64-13.0.7~dev16-3.9 is installed
  • OR venv-openstack-designate-7.0.1~dev22-3.9 is installed
  • OR venv-openstack-designate-x86_64-7.0.1~dev22-3.9 is installed
  • OR venv-openstack-glance-17.0.1~dev30-3.9 is installed
  • OR venv-openstack-glance-x86_64-17.0.1~dev30-3.9 is installed
  • OR venv-openstack-heat-11.0.3~dev23-3.9 is installed
  • OR venv-openstack-heat-x86_64-11.0.3~dev23-3.9 is installed
  • OR venv-openstack-horizon-14.0.4~dev11-4.9 is installed
  • OR venv-openstack-horizon-x86_64-14.0.4~dev11-4.9 is installed
  • OR venv-openstack-ironic-11.1.4~dev15-4.9 is installed
  • OR venv-openstack-ironic-x86_64-11.1.4~dev15-4.9 is installed
  • OR venv-openstack-keystone-14.1.1~dev16-3.9 is installed
  • OR venv-openstack-keystone-x86_64-14.1.1~dev16-3.9 is installed
  • OR venv-openstack-magnum-7.1.1~dev28-4.9 is installed
  • OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.9 is installed
  • OR venv-openstack-manila-7.3.1~dev6-3.9 is installed
  • OR venv-openstack-manila-x86_64-7.3.1~dev6-3.9 is installed
  • OR venv-openstack-monasca-2.7.1~dev10-3.9 is installed
  • OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.9 is installed
  • OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.9 is installed
  • OR venv-openstack-monasca-x86_64-2.7.1~dev10-3.9 is installed
  • OR venv-openstack-neutron-13.0.5~dev50-6.9 is installed
  • OR venv-openstack-neutron-x86_64-13.0.5~dev50-6.9 is installed
  • OR venv-openstack-nova-18.2.3~dev22-3.9 is installed
  • OR venv-openstack-nova-x86_64-18.2.3~dev22-3.9 is installed
  • OR venv-openstack-octavia-3.1.2~dev45-4.9 is installed
  • OR venv-openstack-octavia-x86_64-3.1.2~dev45-4.9 is installed
  • OR venv-openstack-sahara-9.0.2~dev12-3.9 is installed
  • OR venv-openstack-sahara-x86_64-9.0.2~dev12-3.9 is installed
  • OR venv-openstack-swift-2.19.2~dev1-2.6 is installed
  • OR venv-openstack-swift-x86_64-2.19.2~dev1-2.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND binutils-2.32-9.33 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-ipaddress-1.0.18-3.13 is installed
    • BACK