OVAL Reference oval:org.opensuse.security:def:6201

Oval Definition:

oval:org.opensuse.security:def:6201

Revision Date:	2022-03-17	Version:	1
Title:	Security update for python-lxml (Moderate)
Description:	This update for python-lxml fixes the following issues: - CVE-2021-43818: Removed SVG image data URLs since they can embed script content (bsc#1193752). - CVE-2021-28957: Fixed a potential XSS due to improper input sanitization (bsc#1184177). - CVE-2020-27783: Fixed a potential XSS due to improper HTML parsing (bsc#1179534). - CVE-2018-19787: Fixed a potential XSS due to improper input sanitization (bsc#1118088).
Family:	unix	Class:	patch
Status:		Reference(s):	1065729 1118088 1148868 1152489 1154353 1159886 1167773 1170774 1173746 1176940 1179534 1184177 1184439 1184804 1185302 1185677 1185726 1185762 1187167 1188067 1188651 1188986 1189297 1189841 1189884 1190023 1190062 1190115 1190159 1190358 1190406 1190432 1190467 1190523 1190534 1190543 1190576 1190595 1190596 1190598 1190620 1190626 1190679 1190705 1190717 1190746 1190758 1190784 1190785 1191172 1191193 1191240 1191292 1193752 CVE-2006-4484 CVE-2008-4316 CVE-2009-0945 CVE-2010-2074 CVE-2010-2240 CVE-2011-3193 CVE-2011-3602 CVE-2011-3922 CVE-2012-0786 CVE-2012-3524 CVE-2012-4453 CVE-2012-4929 CVE-2012-4929 CVE-2012-6093 CVE-2013-0157 CVE-2013-0254 CVE-2013-1940 CVE-2013-4396 CVE-2013-4549 CVE-2013-6424 CVE-2014-0011 CVE-2014-0190 CVE-2014-7202 CVE-2014-7203 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2014-8119 CVE-2014-8240 CVE-2014-9114 CVE-2014-9721 CVE-2015-0255 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-2924 CVE-2015-3164 CVE-2015-3418 CVE-2015-5218 CVE-2016-0764 CVE-2016-10040 CVE-2016-1521 CVE-2016-1523 CVE-2016-1526 CVE-2016-2779 CVE-2016-5011 CVE-2016-8637 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2017-2616 CVE-2017-2624 CVE-2017-5436 CVE-2017-7555 CVE-2018-17407 CVE-2018-19787 CVE-2018-7738 CVE-2018-7999 CVE-2018-9275 CVE-2020-27783 CVE-2020-3702 CVE-2021-28957 CVE-2021-3669 CVE-2021-3744 CVE-2021-3752 CVE-2021-3764 CVE-2021-40490 CVE-2021-43818 SUSE-SU-2022:0895-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for High Performance Computing 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE OpenStack Cloud 6	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND perl-Capture-Tiny-0.23-4 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information krb5-mini-1.12.1-22 is installed OR krb5-mini-devel-1.12.1-22 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information krb5-mini-1.12.5-40.13 is installed OR krb5-mini-devel-1.12.5-40.13 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND kernel-zfcpdump-4.4.82-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information libudev-mini-devel-228-150.58 is installed OR libudev-mini1-228-150.58 is installed OR systemd-mini-228-150.58 is installed OR systemd-mini-devel-228-150.58 is installed OR udev-mini-228-150.58 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information cups-1.3.9-8.46.48.1 is installed OR cups-client-1.3.9-8.46.48.1 is installed OR cups-libs-1.3.9-8.46.48.1 is installed OR cups-libs-32bit-1.3.9-8.46.48.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.6.0esr-0.8.1 is installed OR MozillaFirefox-branding-SLED-24-0.7.48 is installed OR MozillaFirefox-translations-24.6.0esr-0.8.1 is installed OR libfreebl3-3.16.1-0.8.1 is installed OR libfreebl3-32bit-3.16.1-0.8.1 is installed OR libsoftokn3-3.16.1-0.8.1 is installed OR libsoftokn3-32bit-3.16.1-0.8.1 is installed OR mozilla-nspr-4.10.6-0.3.1 is installed OR mozilla-nspr-32bit-4.10.6-0.3.1 is installed OR mozilla-nss-3.16.1-0.8.1 is installed OR mozilla-nss-32bit-3.16.1-0.8.1 is installed OR mozilla-nss-tools-3.16.1-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND mailx-12.5-22 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND radvd-1.9.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND w3m-0.5.3.git20161120-160 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information NetworkManager-1.0.12-13.6 is installed OR NetworkManager-lang-1.0.12-13.6 is installed OR libnm-glib-vpn1-1.0.12-13.6 is installed OR libnm-glib4-1.0.12-13.6 is installed OR libnm-util2-1.0.12-13.6 is installed OR libnm0-1.0.12-13.6 is installed OR typelib-1_0-NM-1_0-1.0.12-13.6 is installed OR typelib-1_0-NMClient-1_0-1.0.12-13.6 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-13.6 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information libblkid1-2.25-24.10 is installed OR libblkid1-32bit-2.25-24.10 is installed OR libmount1-2.25-24.10 is installed OR libmount1-32bit-2.25-24.10 is installed OR libsmartcols1-2.25-24.10 is installed OR libuuid1-2.25-24.10 is installed OR libuuid1-32bit-2.25-24.10 is installed OR python-libmount-2.25-24.10 is installed OR util-linux-2.25-24.10 is installed OR util-linux-lang-2.25-24.10 is installed OR util-linux-systemd-2.25-24.10 is installed OR uuidd-2.25-24.10 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information bind-9.9.9P1-62.1 is installed OR bind-chrootenv-9.9.9P1-62.1 is installed OR bind-devel-9.9.9P1-62.1 is installed OR bind-doc-9.9.9P1-62.1 is installed OR bind-libs-9.9.9P1-62.1 is installed OR bind-libs-32bit-9.9.9P1-62.1 is installed OR bind-utils-9.9.9P1-62.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_32-33-default-5-2 is installed OR kgraft-patch-3_12_32-33-xen-5-2 is installed OR kgraft-patch-SLE12_Update_1-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_3-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_1-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND python-setuptools-1.1.7-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 12 is installed AND Package Information libpmi0-17.02.9-6.10 is installed OR libslurm29-16.05.8.1-6 is installed OR libslurm31-17.02.9-6.10 is installed OR pdsh-2.33-7.5 is installed OR perl-slurm-17.02.9-6.10 is installed OR slurm-17.02.9-6.10 is installed OR slurm-auth-none-17.02.9-6.10 is installed OR slurm-devel-17.02.9-6.10 is installed OR slurm-doc-17.02.9-6.10 is installed OR slurm-lua-17.02.9-6.10 is installed OR slurm-munge-17.02.9-6.10 is installed OR slurm-pam_slurm-17.02.9-6.10 is installed OR slurm-plugins-17.02.9-6.10 is installed OR slurm-sched-wiki-17.02.9-6.10 is installed OR slurm-slurmdb-direct-17.02.9-6.10 is installed OR slurm-slurmdbd-17.02.9-6.10 is installed OR slurm-sql-17.02.9-6.10 is installed OR slurm-torque-17.02.9-6.10 is installed OR slurmlibs-16.05.8.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.2-8 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.2-8 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.2-8 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.2-8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.39-47 is installed OR kernel-ec2-devel-3.12.39-47 is installed OR kernel-ec2-extra-3.12.39-47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information gtk2-2.18.9-0.4.1 is installed OR gtk2-32bit-2.18.9-0.4.1 is installed OR gtk2-doc-2.18.9-0.4.1 is installed OR gtk2-lang-2.18.9-0.4.1 is installed OR gtk2-x86-2.18.9-0.4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND apache2-mod_perl-2.0.4-40.19 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.60.1 is installed OR libgnutls-extra26-2.4.1-24.39.60.1 is installed OR libgnutls26-2.4.1-24.39.60.1 is installed OR libgnutls26-32bit-2.4.1-24.39.60.1 is installed OR libgnutls26-x86-2.4.1-24.39.60.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND gnutls-2.4.1-24.39.60.1 is installed OR libgnutls-extra26-2.4.1-24.39.60.1 is installed OR libgnutls26-2.4.1-24.39.60.1 is installed OR libgnutls26-32bit-2.4.1-24.39.60.1 is installed OR libgnutls26-x86-2.4.1-24.39.60.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information libopensc2-0.11.6-5.27.1 is installed OR libopensc2-32bit-0.11.6-5.27.1 is installed OR libopensc2-x86-0.11.6-5.27.1 is installed OR opensc-0.11.6-5.27.1 is installed OR opensc-32bit-0.11.6-5.27.1 is installed OR opensc-x86-0.11.6-5.27.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libopenssl1-devel-1.0.1g-0.40.1 is installed OR libopenssl1_0_0-1.0.1g-0.40.1 is installed OR libopenssl1_0_0-32bit-1.0.1g-0.40.1 is installed OR libopenssl1_0_0-x86-1.0.1g-0.40.1 is installed OR openssl1-1.0.1g-0.40.1 is installed OR openssl1-doc-1.0.1g-0.40.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cvs-1.12.12-181 is installed OR cvs-doc-1.12.12-181 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bzip2-1.0.6-29 is installed OR bzip2-doc-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND python-lxml-3.6.1-8.5.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND python-lxml-3.6.1-8.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND opie-2.4-724 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND Package Information kgraft-patch-4_4_175-94_79-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libcurl-devel-7.19.7-1.20.31.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13.2 is installed OR MozillaFirefox-devel-31.8.0esr-0.13.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND MozillaFirefox-devel-31.7.0esr-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information FastCGI-2.4.0-167 is installed OR perl-FastCGI-2.4.0-167 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR ImageMagick-devel-6.8.8.1-33 is installed OR libMagick++-6_Q16-3-6.8.8.1-33 is installed OR libMagick++-devel-6.8.8.1-33 is installed OR perl-PerlMagick-6.8.8.1-33 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-36 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND apache-pdfbox-1.8.12-3.5 is installed

BACK