Oval Definition:oval:org.opensuse.security:def:63670
Revision Date:2020-12-01Version:1
Title:Security update for hostinfo, supportutils (Important)
Description:

This update for hostinfo, supportutils fixes the following issues: Security issues fixed for supportutils:

- CVE-2018-19640: Fixed an issue where users could kill arbitrary processes (bsc#1118463). - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files (bsc#1118460). - CVE-2018-19639: Fixed a code execution if run with -v (bsc#1118462). - CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files (bsc#1117776). - CVE-2018-19636: Fixed a local root exploit via inclusion of attacker controlled shell script (bsc#1117751).

Other issues fixed for supportutils:

- Fixed invalid exit code commands (bsc#1125666) - SUSE separation in supportconfig (bsc#1125623) - Clarified supportconfig(8) -x option (bsc#1115245) - supportconfig: 3.0.127 - btrfs filesystem usage - List products.d - Dump lsof errors - Added ha commands for corosync - Dumped find errors in ib_info

Issues fixed in hostinfo: - Removed extra kernel install dates (bsc#1099498) - Resolved network bond issue (bsc#1054979)
Family:unixClass:patch
Status:Reference(s):1051510
1054979
1055117
1071995
1082023
1083647
1083710
1099498
1102247
1103991
1103992
1104745
1109837
1111666
1112374
1115245
1117751
1117776
1118460
1118462
1118463
1119222
1121995
1123080
1124159
1124781
1125623
1125666
1127034
1127315
1127341
1127611
1129770
1130972
1132549
1132664
1133021
1134090
1134097
1134390
1134399
1135335
1135642
1136217
1136342
1136460
1136461
1136462
1136467
1136896
1137443
1137458
1137534
1137535
1137584
1137609
1137811
1137827
1138793
1138874
1139358
1139619
1140133
1140139
1140322
1140559
1140652
1140676
1140887
1140888
1140889
1140891
1140893
1140903
1140945
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1141312
1141401
1141402
1141452
1141453
1141454
1141478
1142023
1142052
1142112
1142115
1142119
1142220
1142221
1142254
1142350
1142351
1142354
1142359
1142450
1142623
1142673
1142701
1142868
1143003
1143045
1143105
1143185
1143189
1143191
1143209
1143507
1150733
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
1158910
1159740
1168669
1173032
1174628
1175505
CVE-2018-19636
CVE-2018-19637
CVE-2018-19638
CVE-2018-19639
CVE-2018-19640
CVE-2018-20340
CVE-2018-20855
CVE-2019-11234
CVE-2019-11235
CVE-2019-1125
CVE-2019-11810
CVE-2019-12735
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-13631
CVE-2019-13648
CVE-2019-1387
CVE-2019-14283
CVE-2019-14284
CVE-2019-19604
CVE-2019-3689
CVE-2019-7314
CVE-2019-9215
CVE-2020-12402
CVE-2020-14344
CVE-2020-6556
CVE-2020-8016
CVE-2020-8017
openSUSE-SU-2019:1475-1
openSUSE-SU-2020:0542-1
openSUSE-SU-2020:0944-1
openSUSE-SU-2020:0953-1
openSUSE-SU-2020:1260-1
SUSE-SU-2019:1122-1
SUSE-SU-2019:1456-1
SUSE-SU-2019:2070-1
SUSE-SU-2019:2781-1
SUSE-SU-2019:3311-1
SUSE-SU-2020:1581-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libu2f-host-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-devel-1.1.6-lp151.2.3 is installed
  • OR libu2f-host-doc-1.1.6-lp151.2.3 is installed
  • OR libu2f-host0-1.1.6-lp151.2.3 is installed
  • OR u2f-host-1.1.6-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libBasicUsageEnvironment1-2019.06.28-lp152.3.3 is installed
  • OR libUsageEnvironment3-2019.06.28-lp152.3.3 is installed
  • OR libgroupsock8-2019.06.28-lp152.3.3 is installed
  • OR libliveMedia66-2019.06.28-lp152.3.3 is installed
  • OR live555-2019.06.28-lp152.3.3 is installed
  • OR live555-devel-2019.06.28-lp152.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • hostinfo-1.0.1-19.5 is installed
  • OR supportutils-3.0-95.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • libX11-1.6.2-12.8 is installed
  • OR libX11-6-1.6.2-12.8 is installed
  • OR libX11-6-32bit-1.6.2-12.8 is installed
  • OR libX11-data-1.6.2-12.8 is installed
  • OR libX11-xcb1-1.6.2-12.8 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.8 is installed
  • OR libxcb-1.10-4.5 is installed
  • OR libxcb-dri2-0-1.10-4.5 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.5 is installed
  • OR libxcb-dri3-0-1.10-4.5 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.5 is installed
  • OR libxcb-glx0-1.10-4.5 is installed
  • OR libxcb-glx0-32bit-1.10-4.5 is installed
  • OR libxcb-present0-1.10-4.5 is installed
  • OR libxcb-present0-32bit-1.10-4.5 is installed
  • OR libxcb-randr0-1.10-4.5 is installed
  • OR libxcb-render0-1.10-4.5 is installed
  • OR libxcb-render0-32bit-1.10-4.5 is installed
  • OR libxcb-shape0-1.10-4.5 is installed
  • OR libxcb-shm0-1.10-4.5 is installed
  • OR libxcb-shm0-32bit-1.10-4.5 is installed
  • OR libxcb-sync1-1.10-4.5 is installed
  • OR libxcb-sync1-32bit-1.10-4.5 is installed
  • OR libxcb-xf86dri0-1.10-4.5 is installed
  • OR libxcb-xfixes0-1.10-4.5 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.5 is installed
  • OR libxcb-xinerama0-1.10-4.5 is installed
  • OR libxcb-xkb1-1.10-4.5 is installed
  • OR libxcb-xkb1-32bit-1.10-4.5 is installed
  • OR libxcb-xv0-1.10-4.5 is installed
  • OR libxcb1-1.10-4.5 is installed
  • OR libxcb1-32bit-1.10-4.5 is installed
    • BACK