Oval Definition:	oval:org.opensuse.security:def:64692
Revision Date: 2021-05-25 Version: 1 Title: Security update for libu2f-host (Moderate) Description: This update for libu2f-host fixes the following issues: This update ships the u2f-host package (jsc#ECO-3687 bsc#1184648) Version 1.1.10 (released 2019-05-15) * - Add new devices to udev rules. - Fix a potentially uninitialized buffer (CVE-2019-9578, bsc#1128140) Version 1.1.9 (released 2019-03-06) - Fix CID copying from the init response, which broke compatibility with some devices. Version 1.1.8 (released 2019-03-05) - Add udev rules - Drop 70-old-u2f.rules and use 70-u2f.rules for everything - Use a random nonce for setting up CID to prevent fingerprinting - CVE-2019-9578: Parse the response to init in a more stable way to prevent leakage of uninitialized stack memory back to the device (bsc#1128140). Version 1.1.7 (released 2019-01-08) - Fix for trusting length from device in device init. - Fix for buffer overflow when receiving data from device. (YSA-2019-01, CVE-2018-20340, bsc#1124781) - Add udev rules for some new devices. - Add udev rule for Feitian ePass FIDO - Add a timeout to the register and authenticate actions. Family: unix Class: patch Status: Reference(s): 1124781 1128140 1159928 1161517 1161521 1162198 1164692 1164825 1164860 1167209 1171999 1172760 1174091 1175155 1184648 CVE-2013-4314 CVE-2013-7447 CVE-2018-20340 CVE-2019-11048 CVE-2019-17569 CVE-2019-19956 CVE-2019-20388 CVE-2019-20907 CVE-2019-9578 CVE-2020-10648 CVE-2020-17489 CVE-2020-1935 CVE-2020-1938 CVE-2020-7595 CVE-2020-8432 openSUSE-SU-2020:0345-1 openSUSE-SU-2020:0681-1 openSUSE-SU-2020:0847-1 openSUSE-SU-2020:1265-1 openSUSE-SU-2020:1861-1 openSUSE-SU-2020:1869-1 SUSE-SU-2021:1755-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information tomcat-9.0.31-lp151.3.12 is installed OR tomcat-admin-webapps-9.0.31-lp151.3.12 is installed OR tomcat-docs-webapp-9.0.31-lp151.3.12 is installed OR tomcat-el-3_0-api-9.0.31-lp151.3.12 is installed OR tomcat-embed-9.0.31-lp151.3.12 is installed OR tomcat-javadoc-9.0.31-lp151.3.12 is installed OR tomcat-jsp-2_3-api-9.0.31-lp151.3.12 is installed OR tomcat-jsvc-9.0.31-lp151.3.12 is installed OR tomcat-lib-9.0.31-lp151.3.12 is installed OR tomcat-servlet-4_0-api-9.0.31-lp151.3.12 is installed OR tomcat-webapps-9.0.31-lp151.3.12 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information libpython3_6m1_0-3.6.10-lp152.4.6 is installed OR libpython3_6m1_0-32bit-3.6.10-lp152.4.6 is installed OR python3-3.6.10-lp152.4.6 is installed OR python3-32bit-3.6.10-lp152.4.6 is installed OR python3-base-3.6.10-lp152.4.6 is installed OR python3-base-32bit-3.6.10-lp152.4.6 is installed OR python3-curses-3.6.10-lp152.4.6 is installed OR python3-dbm-3.6.10-lp152.4.6 is installed OR python3-devel-3.6.10-lp152.4.6 is installed OR python3-doc-3.6.10-lp152.4.6 is installed OR python3-idle-3.6.10-lp152.4.6 is installed OR python3-testsuite-3.6.10-lp152.4.6 is installed OR python3-tk-3.6.10-lp152.4.6 is installed OR python3-tools-3.6.10-lp152.4.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND Package Information libu2f-host-devel-1.1.10-3.9.1 is installed OR libu2f-host0-1.1.10-3.9.1 is installed OR u2f-host-1.1.10-3.9.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND python2-pyOpenSSL-17.5.0-3.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information gnome-photos-3.26.3-4.3 is installed OR gnome-photos-lang-3.26.3-4.3 is installed OR gnome-shell-search-provider-gnome-photos-3.26.3-4.3 is installed
BACK