Oval Definition:oval:org.opensuse.security:def:6317
Revision Date:2021-03-01Version:1
Title:Security update for gnome-autoar (Moderate)
Description:

This update for gnome-autoar fixes the following issues:

- CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal (bsc#1181930).
Family:unixClass:patch
Status:Reference(s):1181930
CVE-2009-0793
CVE-2009-5044
CVE-2009-5080
CVE-2009-5081
CVE-2010-2522
CVE-2010-2523
CVE-2010-4651
CVE-2011-4182
CVE-2013-0334
CVE-2013-4276
CVE-2013-4509
CVE-2014-1829
CVE-2014-1830
CVE-2014-4607
CVE-2014-8964
CVE-2015-0848
CVE-2015-1196
CVE-2015-1395
CVE-2015-1396
CVE-2015-2296
CVE-2015-2325
CVE-2015-2327
CVE-2015-2328
CVE-2015-3210
CVE-2015-3217
CVE-2015-4588
CVE-2015-4695
CVE-2015-4696
CVE-2015-5073
CVE-2015-7555
CVE-2015-8079
CVE-2015-8380
CVE-2016-10713
CVE-2016-1283
CVE-2016-2347
CVE-2016-3191
CVE-2016-3977
CVE-2017-16611
CVE-2018-1000156
CVE-2018-6951
CVE-2020-36241
SUSE-SU-2021:0664-1
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
openSUSE 13.2
openSUSE 13.2 NonFree
openSUSE Leap 42.1
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12 SP3
SUSE Linux Enterprise Build System Kit 12 SP4
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for High Performance Computing 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Point of Sale 12 SP2
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE OpenStack Cloud 6
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP3 is installed
  • AND kernel-zfcpdump-4.4.140-94.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP4 is installed
  • AND Package Information
  • libudev-mini-devel-228-150.53 is installed
  • OR libudev-mini1-228-150.53 is installed
  • OR systemd-mini-228-150.53 is installed
  • OR systemd-mini-devel-228-150.53 is installed
  • OR udev-mini-228-150.53 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libtiff3-3.8.2-141.154.1 is installed
  • OR libtiff3-32bit-3.8.2-141.154.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-24.5.0esr-0.8.1 is installed
  • OR MozillaFirefox-branding-SLED-24-0.7.36 is installed
  • OR MozillaFirefox-translations-24.5.0esr-0.8.1 is installed
  • OR libfreebl3-3.16-0.8.1 is installed
  • OR libfreebl3-32bit-3.16-0.8.1 is installed
  • OR libsoftokn3-3.16-0.8.1 is installed
  • OR libsoftokn3-32bit-3.16-0.8.1 is installed
  • OR mozilla-nspr-4.10.4-0.3.1 is installed
  • OR mozilla-nspr-32bit-4.10.4-0.3.1 is installed
  • OR mozilla-nss-3.16-0.8.1 is installed
  • OR mozilla-nss-32bit-3.16-0.8.1 is installed
  • OR mozilla-nss-tools-3.16-0.8.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.71-6 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.71-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-38.5.0esr-54 is installed
  • OR MozillaFirefox-translations-38.5.0esr-54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND groff-1.22.2-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • ibus-chewing-1.4.14-4 is installed
  • OR ibus-pinyin-1.5.0-11 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed
  • AND Package Information
  • libgnome-autoar-0-0-0.2.2-3.5.1 is installed
  • OR libgnome-autoar-gtk-0-0-0.2.2-3.5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND dnsmasq-2.78-18.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND python-requests-2.8.1-6.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND libpcreposix0-8.39-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_35-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_12-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_92-6_18-default-1-4 is installed
  • OR kgraft-patch-SLE12-SP3_Update_4-1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
  • AND Package Information
  • puppet-3.8.5-15.3 is installed
  • OR puppet-server-3.8.5-15.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND docker-1.8.3-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 12 is installed
  • AND Package Information
  • libslurm29-16.05.8.1-5 is installed
  • OR perl-slurm-16.05.8.1-5 is installed
  • OR slurm-16.05.8.1-5 is installed
  • OR slurm-auth-none-16.05.8.1-5 is installed
  • OR slurm-devel-16.05.8.1-5 is installed
  • OR slurm-doc-16.05.8.1-5 is installed
  • OR slurm-lua-16.05.8.1-5 is installed
  • OR slurm-munge-16.05.8.1-5 is installed
  • OR slurm-pam_slurm-16.05.8.1-5 is installed
  • OR slurm-plugins-16.05.8.1-5 is installed
  • OR slurm-sched-wiki-16.05.8.1-5 is installed
  • OR slurm-slurmdbd-16.05.8.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-73 is installed
  • OR libopenssl0_9_8-0.9.8j-73 is installed
  • OR libopenssl0_9_8-32bit-0.9.8j-73 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND Package Information
  • kernel-ec2-3.12.74-60.64.51 is installed
  • OR kernel-ec2-devel-3.12.74-60.64.51 is installed
  • OR kernel-ec2-extra-3.12.74-60.64.51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php5-5.5.14-11 is installed
  • OR php5-5.5.14-11 is installed
  • OR php5-bcmath-5.5.14-11 is installed
  • OR php5-bz2-5.5.14-11 is installed
  • OR php5-calendar-5.5.14-11 is installed
  • OR php5-ctype-5.5.14-11 is installed
  • OR php5-curl-5.5.14-11 is installed
  • OR php5-dba-5.5.14-11 is installed
  • OR php5-dom-5.5.14-11 is installed
  • OR php5-enchant-5.5.14-11 is installed
  • OR php5-exif-5.5.14-11 is installed
  • OR php5-fastcgi-5.5.14-11 is installed
  • OR php5-fileinfo-5.5.14-11 is installed
  • OR php5-fpm-5.5.14-11 is installed
  • OR php5-ftp-5.5.14-11 is installed
  • OR php5-gd-5.5.14-11 is installed
  • OR php5-gettext-5.5.14-11 is installed
  • OR php5-gmp-5.5.14-11 is installed
  • OR php5-iconv-5.5.14-11 is installed
  • OR php5-intl-5.5.14-11 is installed
  • OR php5-json-5.5.14-11 is installed
  • OR php5-ldap-5.5.14-11 is installed
  • OR php5-mbstring-5.5.14-11 is installed
  • OR php5-mcrypt-5.5.14-11 is installed
  • OR php5-mysql-5.5.14-11 is installed
  • OR php5-odbc-5.5.14-11 is installed
  • OR php5-openssl-5.5.14-11 is installed
  • OR php5-pcntl-5.5.14-11 is installed
  • OR php5-pdo-5.5.14-11 is installed
  • OR php5-pear-5.5.14-11 is installed
  • OR php5-pgsql-5.5.14-11 is installed
  • OR php5-pspell-5.5.14-11 is installed
  • OR php5-shmop-5.5.14-11 is installed
  • OR php5-snmp-5.5.14-11 is installed
  • OR php5-soap-5.5.14-11 is installed
  • OR php5-sockets-5.5.14-11 is installed
  • OR php5-sqlite-5.5.14-11 is installed
  • OR php5-suhosin-5.5.14-11 is installed
  • OR php5-sysvmsg-5.5.14-11 is installed
  • OR php5-sysvsem-5.5.14-11 is installed
  • OR php5-sysvshm-5.5.14-11 is installed
  • OR php5-tokenizer-5.5.14-11 is installed
  • OR php5-wddx-5.5.14-11 is installed
  • OR php5-xmlreader-5.5.14-11 is installed
  • OR php5-xmlrpc-5.5.14-11 is installed
  • OR php5-xmlwriter-5.5.14-11 is installed
  • OR php5-xsl-5.5.14-11 is installed
  • OR php5-zip-5.5.14-11 is installed
  • OR php5-zlib-5.5.14-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2 is installed
  • AND Package Information
  • salt-2016.11.4-46.7 is installed
  • OR salt-minion-2016.11.4-46.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND coolkey-1.1.0-22.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-17.0.4esr-0.10.42 is installed
  • OR MozillaFirefox-translations-17.0.4esr-0.10.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • AND Package Information
  • ntp-4.2.8p8-47.3 is installed
  • OR ntp-doc-4.2.8p8-47.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND aaa_base-11-6.105.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • accountsservice-0.6.35-1 is installed
  • OR accountsservice-lang-0.6.35-1 is installed
  • OR libaccountsservice0-0.6.35-1 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • at-3.1.14-7 is installed
  • OR flex-2.5.37-8 is installed
  • OR flex-32bit-2.5.37-8 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-doc-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr3.50-28.2 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr3.50-28.2 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr3.50-28.2 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr3.50-28.2 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr3.50-28.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • jasper-1.900.14-181 is installed
  • OR libjasper1-1.900.14-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND Package Information
  • ntp-4.2.8p13-85 is installed
  • OR ntp-doc-4.2.8p13-85 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND cups-devel-1.3.9-8.46.48.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-31.8.0esr-0.13.2 is installed
  • OR MozillaFirefox-devel-31.8.0esr-0.13.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND MozillaFirefox-devel-31.7.0esr-0.8.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • gnutls-3.2.15-4 is installed
  • OR libgnutls-devel-3.2.15-4 is installed
  • OR libgnutls-openssl-devel-3.2.15-4 is installed
  • OR libgnutlsxx-devel-3.2.15-4 is installed
  • OR libgnutlsxx28-3.2.15-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-8 is installed
  • OR ImageMagick-devel-6.8.8.1-8 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
  • OR libMagick++-devel-6.8.8.1-8 is installed
  • OR perl-PerlMagick-6.8.8.1-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND alsa-devel-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND gdm-devel-3.10.0.1-52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND Package Information
  • DirectFB-devel-1.7.1-6 is installed
  • OR lib++dfb-devel-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • kernel-default-3.12.39-47.1 is installed
  • OR kernel-default-extra-3.12.39-47.1 is installed
    • BACK