Oval Definition:	oval:org.opensuse.security:def:6289
Revision Date: 2022-01-11 Version: 1 Title: Security update for grafana (Important) (in QA) Description: This update for grafana fixes the following issues: - CVE-2021-39226: Fixed snapshot authentication bypass (bsc#1191454) - CVE-2021-43813: Fixed markdown path traversal (bsc#1193688) This patch is currently in QA and not yet available for download. Family: unix Class: patch Status: Reference(s): 1191454 1193688 CVE-2007-3126 CVE-2009-0316 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1146 CVE-2010-1436 CVE-2010-1635 CVE-2010-1641 CVE-2010-1642 CVE-2010-2063 CVE-2010-2066 CVE-2010-2252 CVE-2010-2529 CVE-2010-2891 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3069 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543 CVE-2011-0712 CVE-2011-0719 CVE-2011-1020 CVE-2011-1577 CVE-2011-2203 CVE-2011-2522 CVE-2011-2694 CVE-2011-2896 CVE-2012-0035 CVE-2012-0056 CVE-2012-0817 CVE-2012-0870 CVE-2012-1182 CVE-2012-2111 CVE-2012-3236 CVE-2012-4929 CVE-2012-5576 CVE-2012-6150 CVE-2013-0160 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0231 CVE-2013-0240 CVE-2013-0454 CVE-2013-0913 CVE-2013-1799 CVE-2013-1863 CVE-2013-1986 CVE-2013-2850 CVE-2013-4124 CVE-2013-4312 CVE-2013-4314 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6393 CVE-2013-6442 CVE-2013-6487 CVE-2014-0038 CVE-2014-00691 CVE-2014-0178 CVE-2014-0196 CVE-2014-0239 CVE-2014-0244 CVE-2014-2525 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-3493 CVE-2014-3560 CVE-2014-3775 CVE-2014-4877 CVE-2014-8143 CVE-2014-9130 CVE-2015-0240 CVE-2015-1350 CVE-2015-2059 CVE-2015-3223 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7560 CVE-2015-7833 CVE-2015-7884 CVE-2015-7885 CVE-2015-8467 CVE-2015-8543 CVE-2015-8709 CVE-2015-8812 CVE-2015-8964 CVE-2016-0617 CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-0771 CVE-2016-10200 CVE-2016-1237 CVE-2016-1248 CVE-2016-1583 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2117 CVE-2016-2118 CVE-2016-2119 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2847 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3713 CVE-2016-3951 CVE-2016-4470 CVE-2016-4482 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4971 CVE-2016-4994 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5412 CVE-2016-5696 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039 CVE-2016-7042 CVE-2016-7097 CVE-2016-7098 CVE-2016-7117 CVE-2016-7425 CVE-2016-7913 CVE-2016-7917 CVE-2016-7947 CVE-2016-7948 CVE-2016-8632 CVE-2016-8636 CVE-2016-8645 CVE-2016-8655 CVE-2016-8658 CVE-2016-8666 CVE-2016-9083 CVE-2016-9084 CVE-2016-9191 CVE-2016-9555 CVE-2016-9576 CVE-2016-9793 CVE-2016-9794 CVE-2016-9806 CVE-2016-9919 CVE-2017-1000364 CVE-2017-1000365 CVE-2017-1000380 CVE-2017-13089 CVE-2017-13090 CVE-2017-2583 CVE-2017-2584 CVE-2017-2596 CVE-2017-2636 CVE-2017-2671 CVE-2017-5551 CVE-2017-5576 CVE-2017-5577 CVE-2017-5838 CVE-2017-5897 CVE-2017-5953 CVE-2017-5970 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6349 CVE-2017-6350 CVE-2017-6353 CVE-2017-6508 CVE-2017-7184 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7346 CVE-2017-7374 CVE-2017-7487 CVE-2017-7518 CVE-2017-7616 CVE-2017-7618 CVE-2017-8890 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9150 CVE-2017-9242 CVE-2018-0494 CVE-2021-39226 CVE-2021-43813 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE Leap 42.1 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 Product(s): Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.38-93 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND python-pycrypto-2.6.1-10.3 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information krb5-mini-1.12.5-40.31 is installed OR krb5-mini-devel-1.12.5-40.31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gnutls-2.4.1-24.39.47.1 is installed OR libgnutls26-2.4.1-24.39.47.1 is installed OR libgnutls26-32bit-2.4.1-24.39.47.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13.2 is installed OR MozillaFirefox-translations-31.8.0esr-0.13.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information finch-2.10.9-8 is installed OR libpurple-2.10.9-8 is installed OR libpurple-lang-2.10.9-8 is installed OR libpurple-meanwhile-2.10.9-8 is installed OR libpurple-tcl-2.10.9-8 is installed OR pidgin-2.10.9-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information kernel-default-3.12.59-60.41 is installed OR kernel-default-devel-3.12.59-60.41 is installed OR kernel-default-extra-3.12.59-60.41 is installed OR kernel-devel-3.12.59-60.41 is installed OR kernel-macros-3.12.59-60.41 is installed OR kernel-source-3.12.59-60.41 is installed OR kernel-syms-3.12.59-60.41 is installed OR kernel-xen-3.12.59-60.41 is installed OR kernel-xen-devel-3.12.59-60.41 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information emacs-24.3-16 is installed OR emacs-info-24.3-16 is installed OR emacs-x11-24.3-16 is installed OR etags-24.3-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gimp-2.8.18-9.3 is installed OR gimp-lang-2.8.18-9.3 is installed OR gimp-plugins-python-2.8.18-9.3 is installed OR libgimp-2_0-0-2.8.18-9.3 is installed OR libgimpui-2_0-0-2.8.18-9.3 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information libsoup-2.44.2-2.3 is installed OR libsoup-2_4-1-2.44.2-2.3 is installed OR libsoup-2_4-1-32bit-2.44.2-2.3 is installed OR libsoup-lang-2.44.2-2.3 is installed OR typelib-1_0-Soup-2_4-2.44.2-2.3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND ctdb-4.4.2-29 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-4_4_59-92_20-default-5-4 is installed OR kgraft-patch-SLE12-SP2_Update_8-5-4 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.8.5-15.3 is installed OR puppet-server-3.8.5-15.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND sles12sp1-docker-image-1.0.4-20160308170633 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.36-38 is installed OR kernel-ec2-devel-3.12.36-38 is installed OR kernel-ec2-extra-3.12.36-38 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-30 is installed OR php5-5.5.14-30 is installed OR php5-bcmath-5.5.14-30 is installed OR php5-bz2-5.5.14-30 is installed OR php5-calendar-5.5.14-30 is installed OR php5-ctype-5.5.14-30 is installed OR php5-curl-5.5.14-30 is installed OR php5-dba-5.5.14-30 is installed OR php5-dom-5.5.14-30 is installed OR php5-enchant-5.5.14-30 is installed OR php5-exif-5.5.14-30 is installed OR php5-fastcgi-5.5.14-30 is installed OR php5-fileinfo-5.5.14-30 is installed OR php5-fpm-5.5.14-30 is installed OR php5-ftp-5.5.14-30 is installed OR php5-gd-5.5.14-30 is installed OR php5-gettext-5.5.14-30 is installed OR php5-gmp-5.5.14-30 is installed OR php5-iconv-5.5.14-30 is installed OR php5-intl-5.5.14-30 is installed OR php5-json-5.5.14-30 is installed OR php5-ldap-5.5.14-30 is installed OR php5-mbstring-5.5.14-30 is installed OR php5-mcrypt-5.5.14-30 is installed OR php5-mysql-5.5.14-30 is installed OR php5-odbc-5.5.14-30 is installed OR php5-openssl-5.5.14-30 is installed OR php5-pcntl-5.5.14-30 is installed OR php5-pdo-5.5.14-30 is installed OR php5-pear-5.5.14-30 is installed OR php5-pgsql-5.5.14-30 is installed OR php5-pspell-5.5.14-30 is installed OR php5-shmop-5.5.14-30 is installed OR php5-snmp-5.5.14-30 is installed OR php5-soap-5.5.14-30 is installed OR php5-sockets-5.5.14-30 is installed OR php5-sqlite-5.5.14-30 is installed OR php5-suhosin-5.5.14-30 is installed OR php5-sysvmsg-5.5.14-30 is installed OR php5-sysvsem-5.5.14-30 is installed OR php5-sysvshm-5.5.14-30 is installed OR php5-tokenizer-5.5.14-30 is installed OR php5-wddx-5.5.14-30 is installed OR php5-xmlreader-5.5.14-30 is installed OR php5-xmlrpc-5.5.14-30 is installed OR php5-xmlwriter-5.5.14-30 is installed OR php5-xsl-5.5.14-30 is installed OR php5-zip-5.5.14-30 is installed OR php5-zlib-5.5.14-30 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND python-pycrypto-2.6.1-10.3 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information glibc-2.22-62.13 is installed OR glibc-32bit-2.22-62.13 is installed OR glibc-devel-2.22-62.13 is installed OR glibc-devel-32bit-2.22-62.13 is installed OR glibc-html-2.22-62.13 is installed OR glibc-i18ndata-2.22-62.13 is installed OR glibc-info-2.22-62.13 is installed OR glibc-locale-2.22-62.13 is installed OR glibc-locale-32bit-2.22-62.13 is installed OR glibc-profile-2.22-62.13 is installed OR glibc-profile-32bit-2.22-62.13 is installed OR nscd-2.22-62.13 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1 is installed AND xdg-utils-1.0.2-36.18 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND aaa_base-11-6.65.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND libxml2-2.7.6-0.31.1 is installed OR libxml2-32bit-2.7.6-0.31.1 is installed OR libxml2-doc-2.7.6-0.31.1 is installed OR libxml2-python-2.7.6-0.31.1 is installed OR libxml2-x86-2.7.6-0.31.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND libxml2-2.7.6-0.31.1 is installed OR libxml2-32bit-2.7.6-0.31.1 is installed OR libxml2-doc-2.7.6-0.31.1 is installed OR libxml2-python-2.7.6-0.31.1 is installed OR libxml2-x86-2.7.6-0.31.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND LibVNCServer-0.9.1-154.24 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND apache2-mod_security2-2.7.1-0.2.18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache2-2.4.16-5 is installed OR apache2-doc-2.4.16-5 is installed OR apache2-example-pages-2.4.16-5 is installed OR apache2-prefork-2.4.16-5 is installed OR apache2-utils-2.4.16-5 is installed OR apache2-worker-2.4.16-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information ghostscript-9.15-11.1 is installed OR ghostscript-x11-9.15-11.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information kgraft-patch-4_4_121-92_98-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_26-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information finch-2.6.6-0.19.1 is installed OR finch-devel-2.6.6-0.19.1 is installed OR libpurple-2.6.6-0.19.1 is installed OR libpurple-devel-2.6.6-0.19.1 is installed OR libpurple-lang-2.6.6-0.19.1 is installed OR pidgin-2.6.6-0.19.1 is installed OR pidgin-devel-2.6.6-0.19.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information Mesa-devel-9.0.3-0.19.1 is installed OR Mesa-devel-32bit-9.0.3-0.19.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND apache2-mod_fcgid-2.2-31.27.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information libopenssl-devel-1.0.1i-9 is installed OR openssl-1.0.1i-9 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND dbus-1-glib-devel-0.100.2-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND cyrus-sasl-devel-2.1.26-7 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND checkbashisms-2.12.6-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information avahi-compat-howl-devel-0.6.32-30 is installed OR avahi-compat-mDNSResponder-devel-0.6.32-30 is installed OR libavahi-devel-0.6.32-30 is installed OR libhowl0-0.6.32-30 is installed OR python-avahi-0.6.32-30 is installed
BACK