Oval Definition:oval:org.opensuse.security:def:61110
Revision Date:2021-03-01Version:1
Title:Security update for gnome-autoar (Moderate)
Description:

This update for gnome-autoar fixes the following issues:

- CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal (bsc#1181930).
Family:unixClass:patch
Status:Reference(s):1012382
1013721
1013877
1026652
1043978
1051510
1052481
1052916
1057342
1059911
1059912
1059913
1060031
1066295
1069874
1084878
1085130
1085671
1086036
1087059
1100097
1117665
1120930
1134689
1135556
1137586
1137865
1139073
1139751
1140328
1140671
1143187
1144903
1145477
1146042
1146361
1146524
1146526
1146540
1146589
1147122
1148394
1148938
1149555
1149612
1150025
1150452
1150457
1150465
1151347
1151350
1152685
1152782
1152788
1153158
1154372
1155671
1158328
1168874
1174120
1174316
1175070
1175071
1175072
1176579
1176756
1177872
1178387
1181930
CVE-2016-7837
CVE-2016-9800
CVE-2016-9804
CVE-2017-1000117
CVE-2017-1000250
CVE-2017-13080
CVE-2017-13081
CVE-2017-14245
CVE-2017-14246
CVE-2017-14604
CVE-2017-14634
CVE-2017-16942
CVE-2017-18379
CVE-2017-18509
CVE-2017-18595
CVE-2017-2885
CVE-2017-6892
CVE-2018-12207
CVE-2018-12910
CVE-2018-19840
CVE-2018-5125
CVE-2018-5127
CVE-2018-5129
CVE-2018-5130
CVE-2018-5131
CVE-2018-5144
CVE-2018-5145
CVE-2018-5146
CVE-2018-5147
CVE-2018-5148
CVE-2019-10130
CVE-2019-10220
CVE-2019-11135
CVE-2019-11477
CVE-2019-11745
CVE-2019-13272
CVE-2019-13722
CVE-2019-14821
CVE-2019-15216
CVE-2019-15219
CVE-2019-15220
CVE-2019-15239
CVE-2019-15291
CVE-2019-15505
CVE-2019-15666
CVE-2019-15807
CVE-2019-15924
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16413
CVE-2019-16995
CVE-2019-17005
CVE-2019-17008
CVE-2019-17009
CVE-2019-17010
CVE-2019-17011
CVE-2019-17012
CVE-2019-17055
CVE-2019-17056
CVE-2019-17133
CVE-2019-17666
CVE-2019-9456
CVE-2019-9506
CVE-2020-11985
CVE-2020-11993
CVE-2020-1472
CVE-2020-15683
CVE-2020-15969
CVE-2020-25692
CVE-2020-36241
CVE-2020-6821
CVE-2020-6822
CVE-2020-6825
CVE-2020-6827
CVE-2020-6828
CVE-2020-9490
SUSE-SU-2017:2320-1
SUSE-SU-2017:3106-1
SUSE-SU-2018:0352-1
SUSE-SU-2018:0850-1
SUSE-SU-2018:1778-1
SUSE-SU-2018:2204-1
SUSE-SU-2019:1687-1
SUSE-SU-2020:0978-1
SUSE-SU-2020:3053-1
SUSE-SU-2020:3314-1
SUSE-SU-2021:0664-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnutls-3.6.7-lp151.2.3 is installed
  • OR gnutls-guile-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane0-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND cni-plugins-0.8.6-lp152.2.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP5 is installed
  • AND Package Information
  • libgnome-autoar-0-0-0.2.2-3.5.1 is installed
  • OR libgnome-autoar-gtk-0-0-0.2.2-3.5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • kernel-firmware-20170530-21.13 is installed
  • OR ucode-amd-20170530-21.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-78.4.0-112.28 is installed
  • OR MozillaFirefox-devel-78.4.0-112.28 is installed
  • OR MozillaFirefox-translations-common-78.4.0-112.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-68.3.0-109.98 is installed
  • OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libldap-2_4-2-2.4.41-18.77 is installed
  • OR libldap-2_4-2-32bit-2.4.41-18.77 is installed
  • OR openldap2-2.4.41-18.77 is installed
  • OR openldap2-back-meta-2.4.41-18.77 is installed
  • OR openldap2-client-2.4.41-18.77 is installed
  • OR openldap2-doc-2.4.41-18.77 is installed
  • OR openldap2-ppolicy-check-password-1.2-18.77 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gnome-shell-search-provider-nautilus-3.20.3-23.6 is installed
  • OR libnautilus-extension1-3.20.3-23.6 is installed
  • OR nautilus-3.20.3-23.6 is installed
  • OR nautilus-lang-3.20.3-23.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND gzip-1.6-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed
  • OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed
  • OR libwebkit2gtk3-lang-2.28.3-2.56 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed
  • OR webkit2gtk3-2.28.3-2.56 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND mailman-2.1.17-3.23 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-68.7.0-109.116 is installed
  • OR MozillaFirefox-translations-common-68.7.0-109.116 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-3.3 is installed
  • OR crowbar-6.0+git.1561125496.b7508480-3.6 is installed
  • OR crowbar-core-6.0+git.1562154525.5e2983308-3.3 is installed
  • OR crowbar-core-branding-upstream-6.0+git.1562154525.5e2983308-3.3 is installed
  • OR crowbar-devel-6.0+git.1561125496.b7508480-3.6 is installed
  • OR crowbar-ha-6.0+git.1560951093.4af1ee5-3.3 is installed
  • OR crowbar-openstack-6.0+git.1562153583.4735fcf34-3.3 is installed
  • OR documentation-suse-openstack-cloud-crowbar-deployment-9.20190621-3.3 is installed
  • OR documentation-suse-openstack-cloud-crowbar-operations-9.20190621-3.3 is installed
  • OR documentation-suse-openstack-cloud-supplement-9.20190621-3.3 is installed
  • OR galera-python-clustercheck-0.0+git.1562242499.36b8b64-6.3 is installed
  • OR grafana-5.3.3-3.3 is installed
  • OR grafana-monasca-ui-drilldown-1.14.1~dev7-3.3 is installed
  • OR openstack-ceilometer-11.0.2~dev13-3.3 is installed
  • OR openstack-ceilometer-agent-central-11.0.2~dev13-3.3 is installed
  • OR openstack-ceilometer-agent-compute-11.0.2~dev13-3.3 is installed
  • OR openstack-ceilometer-agent-ipmi-11.0.2~dev13-3.3 is installed
  • OR openstack-ceilometer-agent-notification-11.0.2~dev13-3.3 is installed
  • OR openstack-ceilometer-polling-11.0.2~dev13-3.3 is installed
  • OR openstack-cinder-13.0.6~dev12-3.3 is installed
  • OR openstack-cinder-api-13.0.6~dev12-3.3 is installed
  • OR openstack-cinder-backup-13.0.6~dev12-3.3 is installed
  • OR openstack-cinder-scheduler-13.0.6~dev12-3.3 is installed
  • OR openstack-cinder-volume-13.0.6~dev12-3.3 is installed
  • OR openstack-dashboard-14.0.4~dev4-3.3 is installed
  • OR openstack-designate-7.0.1~dev20-3.3 is installed
  • OR openstack-designate-agent-7.0.1~dev20-3.3 is installed
  • OR openstack-designate-api-7.0.1~dev20-3.3 is installed
  • OR openstack-designate-central-7.0.1~dev20-3.3 is installed
  • OR openstack-designate-producer-7.0.1~dev20-3.3 is installed
  • OR openstack-designate-sink-7.0.1~dev20-3.3 is installed
  • OR openstack-designate-worker-7.0.1~dev20-3.3 is installed
  • OR openstack-heat-11.0.3~dev5-3.3 is installed
  • OR openstack-heat-api-11.0.3~dev5-3.3 is installed
  • OR openstack-heat-api-cfn-11.0.3~dev5-3.3 is installed
  • OR openstack-heat-engine-11.0.3~dev5-3.3 is installed
  • OR openstack-heat-plugin-heat_docker-11.0.3~dev5-3.3 is installed
  • OR openstack-horizon-plugin-designate-ui-7.0.1~dev7-3.3 is installed
  • OR openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.3 is installed
  • OR openstack-horizon-plugin-magnum-ui-5.0.2~dev9-3.3 is installed
  • OR openstack-horizon-plugin-monasca-ui-1.14.1~dev7-3.3 is installed
  • OR openstack-ironic-11.1.4~dev2-3.3 is installed
  • OR openstack-ironic-api-11.1.4~dev2-3.3 is installed
  • OR openstack-ironic-conductor-11.1.4~dev2-3.3 is installed
  • OR openstack-ironic-python-agent-3.3.2~dev13-3.3 is installed
  • OR openstack-keystone-14.1.1~dev7-3.3 is installed
  • OR openstack-magnum-7.1.1~dev24-3.3 is installed
  • OR openstack-magnum-api-7.1.1~dev24-3.3 is installed
  • OR openstack-magnum-conductor-7.1.1~dev24-3.3 is installed
  • OR openstack-manila-7.3.1~dev2-4.3 is installed
  • OR openstack-manila-api-7.3.1~dev2-4.3 is installed
  • OR openstack-manila-data-7.3.1~dev2-4.3 is installed
  • OR openstack-manila-scheduler-7.3.1~dev2-4.3 is installed
  • OR openstack-manila-share-7.3.1~dev2-4.3 is installed
  • OR openstack-monasca-agent-2.8.1~dev10-3.3 is installed
  • OR openstack-monasca-notification-1.14.1~dev8-6.3 is installed
  • OR openstack-neutron-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-dhcp-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-fwaas-13.0.2~dev14-3.3 is installed
  • OR openstack-neutron-gbp-5.0.1~dev443-3.3 is installed
  • OR openstack-neutron-ha-tool-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-l3-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-lbaas-13.0.1~dev12-3.3 is installed
  • OR openstack-neutron-lbaas-agent-13.0.1~dev12-3.3 is installed
  • OR openstack-neutron-linuxbridge-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-macvtap-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-metadata-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-metering-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-openvswitch-agent-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-server-13.0.4~dev89-3.3 is installed
  • OR openstack-neutron-vpnaas-13.0.2~dev4-3.3 is installed
  • OR openstack-neutron-vyatta-agent-13.0.2~dev4-3.3 is installed
  • OR openstack-nova-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-api-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-cells-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-compute-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-conductor-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-console-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-novncproxy-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-placement-api-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-scheduler-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-serialproxy-18.2.2~dev9-3.3 is installed
  • OR openstack-nova-vncproxy-18.2.2~dev9-3.3 is installed
  • OR openstack-octavia-3.1.2~dev2-3.3 is installed
  • OR openstack-octavia-amphora-agent-3.1.2~dev2-3.3 is installed
  • OR openstack-octavia-api-3.1.2~dev2-3.3 is installed
  • OR openstack-octavia-health-manager-3.1.2~dev2-3.3 is installed
  • OR openstack-octavia-housekeeping-3.1.2~dev2-3.3 is installed
  • OR openstack-octavia-worker-3.1.2~dev2-3.3 is installed
  • OR python-barbican-tempest-plugin-0.1.0-4.3 is installed
  • OR python-ceilometer-11.0.2~dev13-3.3 is installed
  • OR python-cinder-13.0.6~dev12-3.3 is installed
  • OR python-cinderclient-4.0.2-3.3 is installed
  • OR python-cinderclient-doc-4.0.2-3.3 is installed
  • OR python-designate-7.0.1~dev20-3.3 is installed
  • OR python-heat-11.0.3~dev5-3.3 is installed
  • OR python-horizon-14.0.4~dev4-3.3 is installed
  • OR python-horizon-plugin-designate-ui-7.0.1~dev7-3.3 is installed
  • OR python-horizon-plugin-heat-ui-1.4.1~dev4-4.3 is installed
  • OR python-horizon-plugin-magnum-ui-5.0.2~dev9-3.3 is installed
  • OR python-horizon-plugin-monasca-ui-1.14.1~dev7-3.3 is installed
  • OR python-ironic-11.1.4~dev2-3.3 is installed
  • OR python-ironicclient-2.5.2-4.3 is installed
  • OR python-ironicclient-doc-2.5.2-4.3 is installed
  • OR python-keystone-14.1.1~dev7-3.3 is installed
  • OR python-magnum-7.1.1~dev24-3.3 is installed
  • OR python-manila-7.3.1~dev2-4.3 is installed
  • OR python-manila-tempest-plugin-0.1.0-3.3 is installed
  • OR python-manilaclient-1.24.2-3.3 is installed
  • OR python-manilaclient-doc-1.24.2-3.3 is installed
  • OR python-monasca-agent-2.8.1~dev10-3.3 is installed
  • OR python-monasca-notification-1.14.1~dev8-6.3 is installed
  • OR python-neutron-13.0.4~dev89-3.3 is installed
  • OR python-neutron-fwaas-13.0.2~dev14-3.3 is installed
  • OR python-neutron-gbp-5.0.1~dev443-3.3 is installed
  • OR python-neutron-lbaas-13.0.1~dev12-3.3 is installed
  • OR python-neutron-vpnaas-13.0.2~dev4-3.3 is installed
  • OR python-nova-18.2.2~dev9-3.3 is installed
  • OR python-octavia-3.1.2~dev2-3.3 is installed
  • OR python-openstack_auth-14.0.4~dev4-3.3 is installed
  • OR python-os-brick-2.5.7-3.3 is installed
  • OR python-os-brick-common-2.5.7-3.3 is installed
  • OR python-oslo.db-4.40.2-3.3 is installed
  • OR python-proliantutils-2.8.4-1 is installed
  • OR supportutils-plugin-suse-openstack-cloud-9.0.1562324636.e7046a3-1 is installed
    • BACK