Oval Definition:	oval:org.opensuse.security:def:6465
Revision Date: 2021-03-08 Version: 1 Title: Security update for openldap2 (Important) Description: This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Family: unix Class: patch Status: Reference(s): 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419 1182420 CVE-2009-2625 CVE-2009-3560 CVE-2009-3720 CVE-2009-4029 CVE-2011-0461 CVE-2011-3848 CVE-2011-3872 CVE-2012-0786 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2012-2396 CVE-2012-2738 CVE-2012-3864 CVE-2012-3865 CVE-2012-3866 CVE-2012-3867 CVE-2012-6702 CVE-2013-1985 CVE-2013-1988 CVE-2013-3567 CVE-2013-4761 CVE-2013-4956 CVE-2013-6393 CVE-2014-0467 CVE-2014-1829 CVE-2014-1830 CVE-2014-2525 CVE-2014-3158 CVE-2014-3248 CVE-2014-3253 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-8119 CVE-2014-9116 CVE-2014-9130 CVE-2015-1283 CVE-2015-2296 CVE-2016-0718 CVE-2016-5300 CVE-2016-9063 CVE-2017-10689 CVE-2017-2295 CVE-2017-7555 CVE-2017-9233 CVE-2018-11212 CVE-2018-20843 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2814 CVE-2018-2825 CVE-2018-2826 CVE-2018-2940 CVE-2018-2952 CVE-2018-2972 CVE-2018-2973 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3150 CVE-2018-3157 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2019-15903 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2818 CVE-2019-2821 CVE-2019-7317 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 SUSE-SU-2021:0723-1 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise for SAP 12 SP2 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information kde4-kgreeter-plugins-4.3.5-0.12.20.1 is installed OR kdebase4-wallpapers-4.3.5-0.11.20.1 is installed OR kdebase4-workspace-4.3.5-0.12.20.1 is installed OR kdebase4-workspace-ksysguardd-4.3.5-0.12.20.1 is installed OR kdm-4.3.5-0.12.20.1 is installed OR kwin-4.3.5-0.12.20.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.5.0esr-28.2 is installed OR MozillaFirefox-translations-38.5.0esr-28.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND perl-YAML-LibYAML-0.38-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libsndfile-1.0.25-25 is installed OR libsndfile1-1.0.25-25 is installed OR libsndfile1-32bit-1.0.25-25 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND mutt-1.6.0-54 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libtag1-1.9.1-1 is installed OR libtag1-32bit-1.9.1-1 is installed OR libtag_c0-1.9.1-1 is installed OR libtag_c0-32bit-1.9.1-1 is installed OR taglib-1.9.1-1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information kernel-default-3.12.74-60.64.93 is installed OR kernel-default-base-3.12.74-60.64.93 is installed OR kernel-default-devel-3.12.74-60.64.93 is installed OR kernel-devel-3.12.74-60.64.93 is installed OR kernel-macros-3.12.74-60.64.93 is installed OR kernel-source-3.12.74-60.64.93 is installed OR kernel-syms-3.12.74-60.64.93 is installed OR kernel-xen-3.12.74-60.64.93 is installed OR kernel-xen-base-3.12.74-60.64.93 is installed OR kernel-xen-devel-3.12.74-60.64.93 is installed OR kgraft-patch-3_12_74-60_64_93-default-1-2.5 is installed OR kgraft-patch-3_12_74-60_64_93-xen-1-2.5 is installed OR kgraft-patch-SLE12-SP1_Update_28-1-2.5 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 SP2 is installed AND Package Information compat-openssl098-0.9.8j-105 is installed OR libopenssl0_9_8-0.9.8j-105 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND python-requests-2.11.1-6.28 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.13 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy 15 SP2 is installed AND Package Information openldap2-2.4.46-9.48.1 is installed OR openldap2-back-meta-2.4.46-9.48.1 is installed OR openldap2-back-perl-2.4.46-9.48.1 is installed OR openldap2-ppolicy-check-password-1.2-9.48.1 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_138-94_39-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_14-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information python2-salt-2018.3.0-46.28 is installed OR salt-2018.3.0-46.28 is installed OR salt-api-2018.3.0-46.28 is installed OR salt-bash-completion-2018.3.0-46.28 is installed OR salt-cloud-2018.3.0-46.28 is installed OR salt-doc-2018.3.0-46.28 is installed OR salt-master-2018.3.0-46.28 is installed OR salt-minion-2018.3.0-46.28 is installed OR salt-proxy-2018.3.0-46.28 is installed OR salt-ssh-2018.3.0-46.28 is installed OR salt-syndic-2018.3.0-46.28 is installed OR salt-zsh-completion-2018.3.0-46.28 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.6.2-31 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-73 is installed OR libopenssl0_9_8-0.9.8j-73 is installed OR libopenssl0_9_8-32bit-0.9.8j-73 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.39-47 is installed OR kernel-ec2-devel-3.12.39-47 is installed OR kernel-ec2-extra-3.12.39-47 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-33 is installed OR php5-5.5.14-33 is installed OR php5-bcmath-5.5.14-33 is installed OR php5-bz2-5.5.14-33 is installed OR php5-calendar-5.5.14-33 is installed OR php5-ctype-5.5.14-33 is installed OR php5-curl-5.5.14-33 is installed OR php5-dba-5.5.14-33 is installed OR php5-dom-5.5.14-33 is installed OR php5-enchant-5.5.14-33 is installed OR php5-exif-5.5.14-33 is installed OR php5-fastcgi-5.5.14-33 is installed OR php5-fileinfo-5.5.14-33 is installed OR php5-fpm-5.5.14-33 is installed OR php5-ftp-5.5.14-33 is installed OR php5-gd-5.5.14-33 is installed OR php5-gettext-5.5.14-33 is installed OR php5-gmp-5.5.14-33 is installed OR php5-iconv-5.5.14-33 is installed OR php5-intl-5.5.14-33 is installed OR php5-json-5.5.14-33 is installed OR php5-ldap-5.5.14-33 is installed OR php5-mbstring-5.5.14-33 is installed OR php5-mcrypt-5.5.14-33 is installed OR php5-mysql-5.5.14-33 is installed OR php5-odbc-5.5.14-33 is installed OR php5-opcache-5.5.14-33 is installed OR php5-openssl-5.5.14-33 is installed OR php5-pcntl-5.5.14-33 is installed OR php5-pdo-5.5.14-33 is installed OR php5-pear-5.5.14-33 is installed OR php5-pgsql-5.5.14-33 is installed OR php5-posix-5.5.14-33 is installed OR php5-pspell-5.5.14-33 is installed OR php5-shmop-5.5.14-33 is installed OR php5-snmp-5.5.14-33 is installed OR php5-soap-5.5.14-33 is installed OR php5-sockets-5.5.14-33 is installed OR php5-sqlite-5.5.14-33 is installed OR php5-suhosin-5.5.14-33 is installed OR php5-sysvmsg-5.5.14-33 is installed OR php5-sysvsem-5.5.14-33 is installed OR php5-sysvshm-5.5.14-33 is installed OR php5-tokenizer-5.5.14-33 is installed OR php5-wddx-5.5.14-33 is installed OR php5-xmlreader-5.5.14-33 is installed OR php5-xmlrpc-5.5.14-33 is installed OR php5-xmlwriter-5.5.14-33 is installed OR php5-xsl-5.5.14-33 is installed OR php5-zip-5.5.14-33 is installed OR php5-zlib-5.5.14-33 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND Package Information salt-2016.11.4-46.7 is installed OR salt-minion-2016.11.4-46.7 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND syslog-ng-2.0.9-27.32.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.28.2 is installed OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information bzip2-1.0.6-27 is installed OR bzip2-doc-1.0.6-27 is installed OR libbz2-1-1.0.6-27 is installed OR libbz2-1-32bit-1.0.6-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information augeas-1.2.0-3 is installed OR augeas-lenses-1.2.0-3 is installed OR libaugeas0-1.2.0-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information bzip2-1.0.6-29 is installed OR bzip2-doc-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_49-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_49-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_14-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information MozillaFirefox-45.5.0esr-88 is installed OR MozillaFirefox-translations-45.5.0esr-88 is installed OR libfreebl3-3.21.3-50 is installed OR libfreebl3-hmac-3.21.3-50 is installed OR libsoftokn3-3.21.3-50 is installed OR libsoftokn3-hmac-3.21.3-50 is installed OR mozilla-nss-3.21.3-50 is installed OR mozilla-nss-certs-3.21.3-50 is installed OR mozilla-nss-sysinit-3.21.3-50 is installed OR mozilla-nss-tools-3.21.3-50 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information php53-devel-5.3.8-0.43.1 is installed OR php53-imap-5.3.8-0.43.1 is installed OR php53-posix-5.3.8-0.43.1 is installed OR php53-readline-5.3.8-0.43.1 is installed OR php53-sockets-5.3.8-0.43.1 is installed OR php53-sqlite-5.3.8-0.43.1 is installed OR php53-tidy-5.3.8-0.43.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information curl-7.19.7-1.46.1 is installed OR libcurl-devel-7.19.7-1.46.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND LibVNCServer-devel-0.9.1-154.24 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information dbus-1-1.8.16-14 is installed OR dbus-1-devel-1.8.16-14 is installed OR dbus-1-devel-doc-1.8.16-14 is installed OR dbus-1-x11-1.8.16-14 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND cups-devel-1.7.5-9 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND LibVNCServer-devel-0.9.9-16 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information avahi-compat-howl-devel-0.6.32-30 is installed OR avahi-compat-mDNSResponder-devel-0.6.32-30 is installed OR libavahi-devel-0.6.32-30 is installed OR libhowl0-0.6.32-30 is installed OR python-avahi-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libmysqlclient_r18-10.0.28-17.2 is installed OR libmysqlclient_r18-32bit-10.0.28-17.2 is installed OR mariadb-10.0.28-17.2 is installed
BACK