Oval Definition:	oval:org.opensuse.security:def:60666
Revision Date: 2020-12-01 Version: 1 Title: Security update for strongswan (Important) Description: This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker with local user credentials to resource exhaustion and denial of service while reading from the socket (bsc#1094462). - CVE-2018-10811: Fixed a denial of service during the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF (bsc#1093536). - CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which might lead to authorization bypass (bsc#1107874). - CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845). Other issues addressed: - Fixed some client fails when the scep server URL is used with HTTPS protocol (bsc#1071853). - Reject Diffie-Hellman key exchanges using primes smaller than 1024 bit. - Handle unexpected informational message from SonicWall. (bsc#1009254) Family: unix Class: patch Status: Reference(s): 1002734 1009254 1019074 1041447 1041470 1050896 1064455 1071853 1076366 1082858 1090766 1092100 1093536 1094462 1096985 1097410 1101410 1101412 1101654 1103040 1106515 1107874 1109845 1115960 1116846 1118900 1120657 1125893 1126088 1129180 1131863 1132593 1132666 1134156 1136035 1136085 1140359 1141121 1141676 1141780 1141782 1141783 1141785 1141789 1143215 1145796 1146578 1146882 1146884 1147021 1148158 1148383 1150895 1155419 1159723 1159729 1160471 1163985 1164825 1168404 1168407 1169066 1170441 1171928 1172524 1173144 1174628 917802 CVE-2015-3448 CVE-2016-10127 CVE-2017-6318 CVE-2017-9263 CVE-2017-9265 CVE-2018-0360 CVE-2018-0361 CVE-2018-0495 CVE-2018-1000085 CVE-2018-10811 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-14679 CVE-2018-15727 CVE-2018-16151 CVE-2018-16152 CVE-2018-17540 CVE-2018-19039 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-5388 CVE-2018-558213 CVE-2019-0221 CVE-2019-11771 CVE-2019-11775 CVE-2019-12418 CVE-2019-12973 CVE-2019-13611 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-15043 CVE-2019-15681 CVE-2019-15690 CVE-2019-17563 CVE-2019-17569 CVE-2019-20788 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2816 CVE-2019-3835 CVE-2019-3839 CVE-2019-4473 CVE-2019-5477 CVE-2019-7317 CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 CVE-2020-14344 CVE-2020-1720 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-8163 CVE-2020-9484 SUSE-SU-2017:2212-1 SUSE-SU-2018:0663-1 SUSE-SU-2019:2336-1 SUSE-SU-2019:2478-1 SUSE-SU-2019:2867-1 SUSE-SU-2019:3266-1 SUSE-SU-2020:0586-1 SUSE-SU-2020:1272-1 SUSE-SU-2020:1498-1 SUSE-SU-2020:2140-1 SUSE-SU-2020:2196-1 SUSE-SU-2020:3125-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information apache-pdfbox-1.8.12-lp150.4.3 is installed OR apache-pdfbox-javadoc-1.8.12-lp150.4.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information docker-18.09.6_ce-lp151.2.6 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed OR docker-test-18.09.6_ce-lp151.2.6 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND firejail-0.9.62-lp152.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND openvswitch-2.7.0-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information LibVNCServer-0.9.9-17.19 is installed OR libvncclient0-0.9.9-17.19 is installed OR libvncserver0-0.9.9-17.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bluez-5.13-5.4 is installed OR libbluetooth3-5.13-5.4 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.29-3.22 is installed OR mariadb-galera-10.2.29-3.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-core-5.0+git.1569597589.1f025c557-3.32 is installed OR crowbar-core-branding-upstream-5.0+git.1569597589.1f025c557-3.32 is installed OR crowbar-ha-5.0+git.1567673535.607aada-3.26 is installed OR crowbar-openstack-5.0+git.1570141351.058c8bd44-4.31 is installed OR crowbar-ui-1.2.0+git.1568396400.0344a727-3.12 is installed OR galera-3-25.3.25-4.6 is installed OR galera-3-wsrep-provider-25.3.25-4.6 is installed OR grafana-4.6.5-4.6 is installed OR libmariadb3-3.1.2-3.12 is installed OR mariadb-10.2.25-4.14 is installed OR mariadb-client-10.2.25-4.14 is installed OR mariadb-connector-c-3.1.2-3.12 is installed OR mariadb-errormessages-10.2.25-4.14 is installed OR mariadb-galera-10.2.25-4.14 is installed OR mariadb-tools-10.2.25-4.14 is installed OR novnc-1.0.0-3.6 is installed OR openstack-cinder-11.2.3~dev16-3.21 is installed OR openstack-cinder-api-11.2.3~dev16-3.21 is installed OR openstack-cinder-backup-11.2.3~dev16-3.21 is installed OR openstack-cinder-doc-11.2.3~dev16-3.21 is installed OR openstack-cinder-scheduler-11.2.3~dev16-3.21 is installed OR openstack-cinder-volume-11.2.3~dev16-3.21 is installed OR openstack-glance-15.0.3~dev3-3.12 is installed OR openstack-glance-api-15.0.3~dev3-3.12 is installed OR openstack-glance-doc-15.0.3~dev3-3.12 is installed OR openstack-glance-registry-15.0.3~dev3-3.12 is installed OR openstack-heat-9.0.8~dev13-3.24 is installed OR openstack-heat-api-9.0.8~dev13-3.24 is installed OR openstack-heat-api-cfn-9.0.8~dev13-3.24 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev13-3.24 is installed OR openstack-heat-doc-9.0.8~dev13-3.24 is installed OR openstack-heat-engine-9.0.8~dev13-3.24 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev13-3.24 is installed OR openstack-heat-test-9.0.8~dev13-3.24 is installed OR openstack-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed OR openstack-keystone-12.0.4~dev4-5.27 is installed OR openstack-keystone-doc-12.0.4~dev4-5.27 is installed OR openstack-monasca-installer-20190923_16.32-3.9 is installed OR openstack-neutron-11.0.9~dev51-3.24 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-doc-11.0.9~dev51-3.24 is installed OR openstack-neutron-gbp-7.3.1~dev56-3.9 is installed OR openstack-neutron-ha-tool-11.0.9~dev51-3.24 is installed OR openstack-neutron-l3-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-lbaas-11.0.4~dev6-3.15 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.15 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.15 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-metadata-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-metering-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-server-11.0.9~dev51-3.24 is installed OR openstack-nova-16.1.9~dev7-3.29 is installed OR openstack-nova-api-16.1.9~dev7-3.29 is installed OR openstack-nova-cells-16.1.9~dev7-3.29 is installed OR openstack-nova-compute-16.1.9~dev7-3.29 is installed OR openstack-nova-conductor-16.1.9~dev7-3.29 is installed OR openstack-nova-console-16.1.9~dev7-3.29 is installed OR openstack-nova-consoleauth-16.1.9~dev7-3.29 is installed OR openstack-nova-doc-16.1.9~dev7-3.29 is installed OR openstack-nova-novncproxy-16.1.9~dev7-3.29 is installed OR openstack-nova-placement-api-16.1.9~dev7-3.29 is installed OR openstack-nova-scheduler-16.1.9~dev7-3.29 is installed OR openstack-nova-serialproxy-16.1.9~dev7-3.29 is installed OR openstack-nova-vncproxy-16.1.9~dev7-3.29 is installed OR python-amqp-2.2.2-3.6 is installed OR python-cinder-11.2.3~dev16-3.21 is installed OR python-glance-15.0.3~dev3-3.12 is installed OR python-heat-9.0.8~dev13-3.24 is installed OR python-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed OR python-keystone-12.0.4~dev4-5.27 is installed OR python-neutron-11.0.9~dev51-3.24 is installed OR python-neutron-gbp-7.3.1~dev56-3.9 is installed OR python-neutron-lbaas-11.0.4~dev6-3.15 is installed OR python-nova-16.1.9~dev7-3.29 is installed OR python-ovs-2.7.2-3.6 is installed OR python-pysaml2-4.0.2-5.3 is installed OR python-urllib3-1.22-5.9 is installed OR release-notes-suse-openstack-cloud-8.20190911-3.20 is installed OR ruby2.1-rubygem-easy_diff-1.0.0-3.4 is installed OR rubygem-easy_diff-1.0.0-3.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information dovecot22-2.2.31-19.22 is installed OR dovecot22-backend-mysql-2.2.31-19.22 is installed OR dovecot22-backend-pgsql-2.2.31-19.22 is installed OR dovecot22-backend-sqlite-2.2.31-19.22 is installed
BACK