Oval Definition:	oval:org.opensuse.security:def:64555
Revision Date: 2021-08-17 Version: 1 Title: Security update for c-ares (Important) Description: This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881) - If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash - Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response - Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing - Use unbuffered /dev/urandom for random data to prevent early startup performance issues Family: unix Class: patch Status: Reference(s): 1040973 1068873 1088424 1097599 1097600 1109175 1109176 1109299 1115364 1117513 1142684 1158880 1160903 1160905 1163484 1163588 1164828 1167816 1170940 1172760 1173674 1174457 1175155 1188881 CVE-2017-1000126 CVE-2017-10686 CVE-2017-11111 CVE-2017-14228 CVE-2017-17810 CVE-2017-17811 CVE-2017-17812 CVE-2017-17813 CVE-2017-17814 CVE-2017-17815 CVE-2017-17816 CVE-2017-17817 CVE-2017-17818 CVE-2017-17819 CVE-2017-17820 CVE-2017-9239 CVE-2018-12264 CVE-2018-12265 CVE-2018-17229 CVE-2018-17230 CVE-2018-17282 CVE-2018-19108 CVE-2018-19607 CVE-2018-7728 CVE-2018-7729 CVE-2018-7730 CVE-2018-7731 CVE-2018-9305 CVE-2019-13114 CVE-2019-18902 CVE-2020-15503 CVE-2020-15917 CVE-2020-17489 CVE-2020-1983 CVE-2020-6407 CVE-2020-6418 CVE-2020-7216 CVE-2021-3672 openSUSE-SU-2020:0165-1 openSUSE-SU-2020:0259-1 openSUSE-SU-2020:0482-1 openSUSE-SU-2020:0756-1 openSUSE-SU-2020:1128-1 openSUSE-SU-2020:1139-1 openSUSE-SU-2020:1861-1 SUSE-SU-2021:2760-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information wicked-0.6.60-lp151.2.6 is installed OR wicked-service-0.6.60-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information libraw-0.18.9-lp152.5.3 is installed OR libraw-devel-0.18.9-lp152.5.3 is installed OR libraw-devel-static-0.18.9-lp152.5.3 is installed OR libraw-tools-0.18.9-lp152.5.3 is installed OR libraw16-0.18.9-lp152.5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information c-ares-devel-1.17.1+20200724-3.14.1 is installed OR libcares2-1.17.1+20200724-3.14.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libexempi-devel-2.4.5-1 is installed OR libexempi3-2.4.5-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND nasm-2.13.02-1 is installed
BACK