Oval Definition:	oval:org.opensuse.security:def:60923
Revision Date: 2020-12-01 Version: 1 Title: Security update for clamav (Moderate) Description: This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files (bsc#1144504). - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1149458). Non-security issues fixed: - Added the --max-scantime clamscan option and MaxScanTime clamd configuration option (bsc#1144504). - Increased the startup timeout of clamd to 5 minutes to cater for the grown virus database as a workaround until clamd has learned to talk to systemd to extend the timeout as long as needed (bsc#1151839). Family: unix Class: patch Status: Reference(s): 1060653 1061876 1063824 1068664 1072183 1073748 1091396 1105010 1109847 1112852 1120943 1122191 1144504 1144524 1146848 1149458 1151839 1153674 1156275 1156402 1157888 1158003 1158004 1158005 1158006 1158007 1159208 1159623 1160770 1161181 1166847 1167152 1168140 1168142 1169392 1171186 1172205 1174415 1176410 1177143 964336 968175 CVE-2012-0876 CVE-2016-0718 CVE-2016-4472 CVE-2016-9063 CVE-2017-1000158 CVE-2017-1000254 CVE-2017-1000257 CVE-2017-9233 CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-14647 CVE-2018-15473 CVE-2018-20030 CVE-2019-12625 CVE-2019-12900 CVE-2019-13456 CVE-2019-14287 CVE-2019-14869 CVE-2019-17185 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19583 CVE-2019-2201 CVE-2019-5010 CVE-2019-9278 CVE-2020-0543 CVE-2020-11739 CVE-2020-11740 CVE-2020-11741 CVE-2020-11742 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-15900 CVE-2020-25219 CVE-2020-26154 CVE-2020-6831 CVE-2020-7211 SUSE-SU-2017:2831-1 SUSE-SU-2018:2171-1 SUSE-SU-2018:3910-1 SUSE-SU-2019:0482-1 SUSE-SU-2019:3066-1 SUSE-SU-2020:0457-1 SUSE-SU-2020:0497-1 SUSE-SU-2020:1218-1 SUSE-SU-2020:1630-1 SUSE-SU-2020:2097-1 SUSE-SU-2020:2900-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-firmware-20190618-lp151.2.6 is installed OR ucode-amd-20190618-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-68.0.3618.104-lp151.2.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information curl-7.37.0-37.8 is installed OR libcurl4-7.37.0-37.8 is installed OR libcurl4-32bit-7.37.0-37.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_06-3.62 is installed OR xen-doc-html-4.9.4_06-3.62 is installed OR xen-libs-4.9.4_06-3.62 is installed OR xen-libs-32bit-4.9.4_06-3.62 is installed OR xen-tools-4.9.4_06-3.62 is installed OR xen-tools-domU-4.9.4_06-3.62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information freeradius-server-3.0.15-2.14 is installed OR freeradius-server-doc-3.0.15-2.14 is installed OR freeradius-server-krb5-3.0.15-2.14 is installed OR freeradius-server-ldap-3.0.15-2.14 is installed OR freeradius-server-libs-3.0.15-2.14 is installed OR freeradius-server-mysql-3.0.15-2.14 is installed OR freeradius-server-perl-3.0.15-2.14 is installed OR freeradius-server-postgresql-3.0.15-2.14 is installed OR freeradius-server-python-3.0.15-2.14 is installed OR freeradius-server-sqlite-3.0.15-2.14 is installed OR freeradius-server-utils-3.0.15-2.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libexif-0.6.21-8.6 is installed OR libexif12-0.6.21-8.6 is installed OR libexif12-32bit-0.6.21-8.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-60.3.0-109.50 is installed OR MozillaFirefox-translations-common-60.3.0-109.50 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND dnsmasq-2.78-18.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information xen-4.11.4_06-2.33 is installed OR xen-doc-html-4.11.4_06-2.33 is installed OR xen-libs-4.11.4_06-2.33 is installed OR xen-libs-32bit-4.11.4_06-2.33 is installed OR xen-tools-4.11.4_06-2.33 is installed OR xen-tools-domU-4.11.4_06-2.33 is installed
BACK