Oval Definition:	oval:org.opensuse.security:def:63726
Revision Date: 2020-12-01 Version: 1 Title: Security update for libu2f-host (Moderate) Description: This update for libu2f-host and pam_u2f to version 1.0.8 fixes the following issues: Security issues fixed for libu2f-host: - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response (bsc#1128140). - CVE-2018-20340: Fixed an unchecked buffer, which could allow a buffer overflow with a custom made malicious USB device (bsc#1124781). Security issues fixed for pam_u2f: - CVE-2019-12209: Fixed an issue where symlinks in the user's directory were followed (bsc#1135729). - CVE-2019-12210: Fixed file descriptor leaks (bsc#1135727). Family: unix Class: patch Status: Reference(s): 1124781 1124937 1128140 1133375 1135727 1135729 1138459 1139937 1141853 1146068 1146211 1146212 1146213 1151781 1151782 1151783 1151784 1151785 1151786 1159105 1159646 1172356 1173376 1173377 1173378 1173380 1174543 1176262 CVE-2018-20340 CVE-2018-20843 CVE-2018-20852 CVE-2019-10160 CVE-2019-12209 CVE-2019-12210 CVE-2019-14980 CVE-2019-15139 CVE-2019-15140 CVE-2019-15141 CVE-2019-16708 CVE-2019-16709 CVE-2019-16710 CVE-2019-16711 CVE-2019-16712 CVE-2019-16713 CVE-2019-17571 CVE-2019-20916 CVE-2019-6212 CVE-2019-6215 CVE-2019-6216 CVE-2019-6217 CVE-2019-6226 CVE-2019-6227 CVE-2019-6229 CVE-2019-6233 CVE-2019-6234 CVE-2019-9578 CVE-2019-9928 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 openSUSE-SU-2019:1777-1 openSUSE-SU-2020:0678-1 openSUSE-SU-2020:1190-1 openSUSE-SU-2020:1613-1 SUSE-SU-2019:0511-1 SUSE-SU-2019:1749-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2785-1 SUSE-SU-2020:0054-1 SUSE-SU-2020:0102-1 SUSE-SU-2020:1891-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information expat-2.2.5-lp151.3.3 is installed OR libexpat-devel-2.2.5-lp151.3.3 is installed OR libexpat-devel-32bit-2.2.5-lp151.3.3 is installed OR libexpat1-2.2.5-lp151.3.3 is installed OR libexpat1-32bit-2.2.5-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information xen-4.13.1_06-lp152.2.6 is installed OR xen-devel-4.13.1_06-lp152.2.6 is installed OR xen-doc-html-4.13.1_06-lp152.2.6 is installed OR xen-libs-4.13.1_06-lp152.2.6 is installed OR xen-libs-32bit-4.13.1_06-lp152.2.6 is installed OR xen-tools-4.13.1_06-lp152.2.6 is installed OR xen-tools-domU-4.13.1_06-lp152.2.6 is installed OR xen-tools-xendomains-wait-disk-4.13.1_06-lp152.2.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libu2f-host-1.1.6-3.5 is installed OR libu2f-host0-1.1.6-3.5 is installed OR pam_u2f-1.0.8-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information xen-4.11.4_04-2.30 is installed OR xen-doc-html-4.11.4_04-2.30 is installed OR xen-libs-4.11.4_04-2.30 is installed OR xen-libs-32bit-4.11.4_04-2.30 is installed OR xen-tools-4.11.4_04-2.30 is installed OR xen-tools-domU-4.11.4_04-2.30 is installed
BACK