Oval Definition:oval:org.opensuse.security:def:60934
Revision Date:2020-12-01Version:1
Title:Security update for rubygem-loofah (Moderate)
Description:

This update for rubygem-loofah fixes the following issues:

Security issues fixed:

- CVE-2018-16468: Fixed XXS by removing the svg animate attribute `from` from the allowlist (bsc#1113969). - CVE-2018-8048: Fixed XSS vulnerability due to unescaped characters by libcxml2 (bsc#1085967).
Family:unixClass:patch
Status:Reference(s):1012382
1065274
1077717
1082653
1085042
1085536
1085967
1087081
1089343
1090123
1090435
1092001
1094244
1095643
1096978
1097771
1099858
1100132
1100930
1101658
1101789
1102188
1102197
1102203
1102205
1102207
1102211
1102214
1102215
1102340
1102394
1102683
1102851
1103119
1103580
1103745
1103884
1113969
1115750
1115929
1117080
1117840
1122293
1122299
1123156
1123191
1123919
1146068
1146211
1146212
1146213
1146873
1148158
1149811
1151781
1151782
1151783
1151784
1151785
1151786
1152007
1152856
1154212
1154235
1155089
1155942
1156305
1156669
1156914
1157028
1157206
1157482
1158675
1160024
1160048
1160878
1160883
1160895
1160912
1161066
1161351
1161517
1162388
1163018
1163985
1166240
1167373
1170940
1171186
1171352
1173304
1174157
1174922
1174923
1177943
CVE-2017-1002201
CVE-2017-15088
CVE-2017-18344
CVE-2018-11212
CVE-2018-14734
CVE-2018-16468
CVE-2018-17954
CVE-2018-19211
CVE-2018-3620
CVE-2018-3646
CVE-2018-4700
CVE-2018-5390
CVE-2018-8048
CVE-2019-12068
CVE-2019-13117
CVE-2019-14980
CVE-2019-15139
CVE-2019-15140
CVE-2019-15141
CVE-2019-15890
CVE-2019-16708
CVE-2019-16709
CVE-2019-16710
CVE-2019-16711
CVE-2019-16712
CVE-2019-16713
CVE-2019-16770
CVE-2019-18860
CVE-2019-18901
CVE-2019-2422
CVE-2019-2737
CVE-2019-2739
CVE-2019-2740
CVE-2019-2758
CVE-2019-2805
CVE-2019-2894
CVE-2019-2933
CVE-2019-2938
CVE-2019-2945
CVE-2019-2949
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2974
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2987
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2999
CVE-2019-6778
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-12673
CVE-2020-12674
CVE-2020-14059
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-1711
CVE-2020-1720
CVE-2020-1983
CVE-2020-2574
CVE-2020-6831
CVE-2020-7039
CVE-2020-7595
CVE-2020-8608
SUSE-SU-2017:2948-1
SUSE-SU-2018:2328-1
SUSE-SU-2018:4089-1
SUSE-SU-2019:0394-1
SUSE-SU-2019:0604-1
SUSE-SU-2020:0586-1
SUSE-SU-2020:0640-1
SUSE-SU-2020:1538-1
SUSE-SU-2020:1803-1
SUSE-SU-2020:2274-1
SUSE-SU-2020:3191-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND teeworlds-0.7.3.1-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • krb5-1.12.5-40.16 is installed
  • OR krb5-32bit-1.12.5-40.16 is installed
  • OR krb5-client-1.12.5-40.16 is installed
  • OR krb5-doc-1.12.5-40.16 is installed
  • OR krb5-plugin-kdb-ldap-1.12.5-40.16 is installed
  • OR krb5-plugin-preauth-otp-1.12.5-40.16 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.5-40.16 is installed
  • OR krb5-server-1.12.5-40.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND squid-3.5.21-26.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-68.8.0-109.119 is installed
  • OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • postgresql96-9.6.17-3.33 is installed
  • OR postgresql96-contrib-9.6.17-3.33 is installed
  • OR postgresql96-docs-9.6.17-3.33 is installed
  • OR postgresql96-libs-9.6.17-3.33 is installed
  • OR postgresql96-plperl-9.6.17-3.33 is installed
  • OR postgresql96-plpython-9.6.17-3.33 is installed
  • OR postgresql96-pltcl-9.6.17-3.33 is installed
  • OR postgresql96-server-9.6.17-3.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libncurses5-5.9-61 is installed
  • OR libncurses5-32bit-5.9-61 is installed
  • OR libncurses6-5.9-61 is installed
  • OR libncurses6-32bit-5.9-61 is installed
  • OR ncurses-5.9-61 is installed
  • OR ncurses-devel-5.9-61 is installed
  • OR ncurses-devel-32bit-5.9-61 is installed
  • OR ncurses-utils-5.9-61 is installed
  • OR tack-5.9-61 is installed
  • OR terminfo-5.9-61 is installed
  • OR terminfo-base-5.9-61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • evince-3.20.2-6.22 is installed
  • OR evince-browser-plugin-3.20.2-6.22 is installed
  • OR evince-lang-3.20.2-6.22 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.22 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.22 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.22 is installed
  • OR evince-plugin-psdocument-3.20.2-6.22 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.22 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.22 is installed
  • OR libevdocument3-4-3.20.2-6.22 is installed
  • OR libevview3-3-3.20.2-6.22 is installed
  • OR nautilus-evince-3.20.2-6.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed
  • OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed
  • OR libwebkit2gtk3-lang-2.28.3-2.56 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed
  • OR webkit2gtk3-2.28.3-2.56 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-loofah-2.0.2-3.5 is installed
  • OR rubygem-loofah-2.0.2-3.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
    • BACK