OVAL Reference oval:org.opensuse.security:def:6180

Oval Definition:

oval:org.opensuse.security:def:6180

Revision Date:	2022-03-03	Version:	1
Title:	Security update for expat (Important)
Description:	This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025). - CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026). - CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168). - CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169). - CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).
Family:	unix	Class:	patch
Status:		Reference(s):	1189724 1196025 1196026 1196168 1196169 1196171 CVE-2006-7250 CVE-2007-6746 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-3245 CVE-2009-3555 CVE-2009-4355 CVE-2009-5146 CVE-2010-0405 CVE-2010-0740 CVE-2010-2939 CVE-2010-3864 CVE-2010-4180 CVE-2010-4252 CVE-2010-4530 CVE-2011-0014 CVE-2011-2721 CVE-2011-3210 CVE-2011-3627 CVE-2011-4108 CVE-2011-4109 CVE-2011-4354 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-5095 CVE-2012-0035 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333 CVE-2012-3355 CVE-2012-3386 CVE-2012-4929 CVE-2012-6706 CVE-2013-0166 CVE-2013-0169 CVE-2013-4143 CVE-2013-6487 CVE-2013-6497 CVE-2014-0076 CVE-2014-0221 CVE-2014-0224 CVE-2014-1545 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-3775 CVE-2014-8275 CVE-2014-9050 CVE-2014-9328 CVE-2015-0204 CVE-2015-0205 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 CVE-2015-3195 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2015-5185 CVE-2015-5276 CVE-2015-7183 CVE-2016-0702 CVE-2016-0797 CVE-2016-0799 CVE-2016-0800 CVE-2016-2105 CVE-2016-2106 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-5104 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7056 CVE-2016-8610 CVE-2017-11423 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-2625 CVE-2017-6418 CVE-2017-6419 CVE-2017-6420 CVE-2017-7435 CVE-2017-7436 CVE-2017-9269 CVE-2018-0202 CVE-2018-0360 CVE-2018-0361 CVE-2018-0732 CVE-2018-0737 CVE-2018-0739 CVE-2018-1000085 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682 CVE-2018-15378 CVE-2018-7685 CVE-2021-38171 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 SUSE-SU-2022:0698-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP4	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND kernel-zfcpdump-3.12.38-44 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information python-tdb-1.3.8-4 is installed OR python-tevent-0.9.26-4 is installed OR tdb-1.3.8-4 is installed OR tevent-0.9.26-4 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information ghostscript-mini-9.15-17 is installed OR ghostscript-mini-devel-9.15-17 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information libreoffice-5.3.5.2-43.5 is installed OR libreoffice-sdk-5.3.5.2-43.5 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information libreoffice-6.0.5.2-43.38 is installed OR libreoffice-sdk-6.0.5.2-43.38 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information Mesa-7.11.2-0.9.1 is installed OR Mesa-32bit-7.11.2-0.9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information augeas-0.9.0-3.17.2 is installed OR libaugeas0-0.9.0-3.17.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information tigervnc-1.3.0-22 is installed OR xorg-x11-Xvnc-1.3.0-22 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND pcsc-ccid-1.4.14-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND sblim-sfcb-1.4.8-16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_61-52_72-default-3-2 is installed OR kgraft-patch-3_12_61-52_72-xen-3-2 is installed OR kgraft-patch-SLE12_Update_21-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information evince-3.10.3-2.3.1 is installed OR evince-lang-3.10.3-2.3.1 is installed OR libevdocument3-4-3.10.3-2.3.1 is installed OR libevview3-3-3.10.3-2.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information libpacemaker3-1.1.19+20180928.0d2680780-1 is installed OR pacemaker-1.1.19+20180928.0d2680780-1 is installed OR pacemaker-cli-1.1.19+20180928.0d2680780-1 is installed OR pacemaker-cts-1.1.19+20180928.0d2680780-1 is installed OR pacemaker-remote-1.1.19+20180928.0d2680780-1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND libpcreposix0-8.39-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_57-60_35-default-5-2 is installed OR kgraft-patch-3_12_57-60_35-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_4-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-46.7 is installed OR salt-api-2016.11.4-46.7 is installed OR salt-bash-completion-2016.11.4-46.7 is installed OR salt-cloud-2016.11.4-46.7 is installed OR salt-doc-2016.11.4-46.7 is installed OR salt-master-2016.11.4-46.7 is installed OR salt-minion-2016.11.4-46.7 is installed OR salt-proxy-2016.11.4-46.7 is installed OR salt-ssh-2016.11.4-46.7 is installed OR salt-syndic-2016.11.4-46.7 is installed OR salt-zsh-completion-2016.11.4-46.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information ruby2.1-rubygem-rack-1_4-1.4.5-8 is installed OR rubygem-rack-1_4-1.4.5-8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information cups154-1.5.4-9 is installed OR cups154-client-1.5.4-9 is installed OR cups154-filters-1.5.4-9 is installed OR cups154-libs-1.5.4-9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.39-47 is installed OR kernel-ec2-devel-3.12.39-47 is installed OR kernel-ec2-extra-3.12.39-47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information evince-2.28.2-0.2.68 is installed OR evince-doc-2.28.2-0.2.68 is installed OR evince-lang-2.28.2-0.2.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND apache2-mod_jk-1.2.26-1.30.110 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND MozillaFirefox-31.5.3esr-0.8.1 is installed OR MozillaFirefox-translations-31.5.3esr-0.8.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND MozillaFirefox-31.5.3esr-0.8.1 is installed OR MozillaFirefox-translations-31.5.3esr-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND libadns1-1.4-73.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information libopenssl0_9_8-0.9.8j-0.89.1 is installed OR libopenssl0_9_8-32bit-0.9.8j-0.89.1 is installed OR libopenssl0_9_8-hmac-0.9.8j-0.89.1 is installed OR libopenssl0_9_8-hmac-32bit-0.9.8j-0.89.1 is installed OR openssl-0.9.8j-0.89.1 is installed OR openssl-doc-0.9.8j-0.89.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information OpenEXR-1.6.1-83.17.1 is installed OR OpenEXR-32bit-1.6.1-83.17.1 is installed OR OpenEXR-x86-1.6.1-83.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libldap-openssl1-2_4-2-2.4.26-0.30.2 is installed OR libldap-openssl1-2_4-2-32bit-2.4.26-0.30.2 is installed OR libldap-openssl1-2_4-2-x86-2.4.26-0.30.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND apache2-mod_jk-1.2.40-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information augeas-1.2.0-3 is installed OR augeas-lenses-1.2.0-3 is installed OR libaugeas0-1.2.0-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND ant-1.9.4-3.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND expat-2.1.0-21.18.1 is installed OR libexpat1-2.1.0-21.18.1 is installed OR libexpat1-32bit-2.1.0-21.18.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND expat-2.1.0-21.18.1 is installed OR libexpat1-2.1.0-21.18.1 is installed OR libexpat1-32bit-2.1.0-21.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libvirt-2.0.0-26 is installed OR libvirt-client-2.0.0-26 is installed OR libvirt-daemon-2.0.0-26 is installed OR libvirt-daemon-config-network-2.0.0-26 is installed OR libvirt-daemon-config-nwfilter-2.0.0-26 is installed OR libvirt-daemon-driver-interface-2.0.0-26 is installed OR libvirt-daemon-driver-lxc-2.0.0-26 is installed OR libvirt-daemon-driver-network-2.0.0-26 is installed OR libvirt-daemon-driver-nodedev-2.0.0-26 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-26 is installed OR libvirt-daemon-driver-qemu-2.0.0-26 is installed OR libvirt-daemon-driver-secret-2.0.0-26 is installed OR libvirt-daemon-driver-storage-2.0.0-26 is installed OR libvirt-daemon-lxc-2.0.0-26 is installed OR libvirt-daemon-qemu-2.0.0-26 is installed OR libvirt-doc-2.0.0-26 is installed OR libvirt-lock-sanlock-2.0.0-26 is installed OR libvirt-nss-2.0.0-26 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information kgraft-patch-4_4_121-92_101-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_27-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information Mesa-devel-7.11.2-0.9.1 is installed OR Mesa-devel-32bit-7.11.2-0.9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND MozillaFirefox-devel-17.0.9esr-0.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND PolicyKit-devel-0.9-14.43.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information bash-devel-4.2-75 is installed OR readline-devel-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND apache2-devel-2.4.16-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND augeas-devel-1.2.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information typelib-1_0-EvinceDocument-3_0-3.20.2-6.22 is installed OR typelib-1_0-EvinceView-3_0-3.20.2-6.22 is installed

BACK