Oval Definition:oval:org.opensuse.security:def:63857
Revision Date:2020-12-01Version:1
Title:Security update for curl (Important)
Description:

This update for curl fixes the following issues:

Security issues fixed:

- CVE-2019-3822: Fixed a NTLMv2 type-3 header stack buffer overflow (bsc#1123377). - CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response (bsc#1123378). - CVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 (bsc#1123371). - CVE-2018-16842: Fixed an out-of-bounds read in tool_msgs.c (bsc#1113660). - CVE-2018-16840: Fixed a use-after-free in handle close (bsc#1113029). - CVE-2018-16839: Fixed an SASL password overflow caused by an integer overflow (bsc#1112758).

Family:unixClass:patch
Status:Reference(s):1082007
1082008
1082009
1082010
1082011
1082014
1082058
1087433
1087434
1087436
1087437
1087440
1087441
1096974
1096984
1112530
1112532
1112758
1113029
1113160
1113660
1123371
1123377
1123378
1126117
1126118
1126119
1130028
1130611
1130617
1130620
1130622
1130623
1130627
1133790
1138822
1139924
1142038
1148177
1151782
1153090
1153277
1154940
1154968
1155372
1159723
1159729
1160613
1160614
1163871
1165787
1165921
1167890
1168310
1168930
1170231
1170557
1170824
1171687
1172462
1174157
1175259
1178434
CVE-2017-17742
CVE-2018-1000073
CVE-2018-1000074
CVE-2018-1000075
CVE-2018-1000076
CVE-2018-1000077
CVE-2018-1000078
CVE-2018-1000079
CVE-2018-10360
CVE-2018-16395
CVE-2018-16396
CVE-2018-16839
CVE-2018-16840
CVE-2018-16842
CVE-2018-16890
CVE-2018-6914
CVE-2018-8777
CVE-2018-8778
CVE-2018-8779
CVE-2018-8780
CVE-2019-10072
CVE-2019-10215
CVE-2019-12418
CVE-2019-15043
CVE-2019-16709
CVE-2019-17563
CVE-2019-17639
CVE-2019-3822
CVE-2019-3823
CVE-2019-8320
CVE-2019-8321
CVE-2019-8322
CVE-2019-8323
CVE-2019-8324
CVE-2019-8325
CVE-2019-8905
CVE-2019-8906
CVE-2019-8907
CVE-2019-9232
CVE-2019-9433
CVE-2020-10188
CVE-2020-11022
CVE-2020-11023
CVE-2020-12245
CVE-2020-13379
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
CVE-2020-5260
openSUSE-SU-2019:1771-1
openSUSE-SU-2019:2317-1
openSUSE-SU-2020:0038-1
openSUSE-SU-2020:1105-1
openSUSE-SU-2020:1888-1
SUSE-SU-2019:0339-1
SUSE-SU-2019:0839-1
SUSE-SU-2020:0459-1
SUSE-SU-2020:0992-1
SUSE-SU-2020:1533-1
SUSE-SU-2020:2461-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libruby2_5-2_5-2.5.5-lp151.4.3 is installed
  • OR ruby-bundled-gems-rpmhelper-0.0.2-lp151.2 is installed
  • OR ruby2.5-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-devel-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-devel-extra-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-doc-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-doc-ri-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-stdlib-2.5.5-lp151.4.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND dracut-saltboot-0.1.1590413773.a959db7-lp152.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • curl-7.60.0-4.3 is installed
  • OR libcurl4-7.60.0-4.3 is installed
  • OR libcurl4-32bit-7.60.0-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
    • BACK