Oval Definition:	oval:org.opensuse.security:def:64721
Revision Date: 2021-06-23 Version: 1 Title: Security update for cryptctl (Important) Description: This update for cryptctl fixes the following issues: Update to version 2.4: - CVE-2019-18906: Client side password hashing was equivalent to clear text password storage (bsc#1186226) - First step to use plain text password instead of hashed password. - Move repository into the SUSE github organization - in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address - tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case - avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server. Family: unix Class: patch Status: Reference(s): 1132091 1143436 1166751 1168630 1168669 1171655 1172491 1173029 1173032 1173063 1173107 1173187 1173188 1173251 1173254 1173292 1186226 CVE-2010-1674 CVE-2010-1675 CVE-2013-2236 CVE-2016-1245 CVE-2016-2342 CVE-2016-4049 CVE-2017-16227 CVE-2017-5495 CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381 CVE-2019-11023 CVE-2019-18906 CVE-2019-3881 CVE-2020-0556 CVE-2020-12402 CVE-2020-13696 CVE-2020-13790 CVE-2020-6505 CVE-2020-6506 CVE-2020-6507 CVE-2020-6509 CVE-2020-6819 CVE-2020-6820 openSUSE-SU-2020:0461-1 openSUSE-SU-2020:0784-1 openSUSE-SU-2020:0861-1 openSUSE-SU-2020:0872-1 openSUSE-SU-2020:0893-1 openSUSE-SU-2020:0953-1 openSUSE-SU-2020:1458-1 SUSE-SU-2019:1267-2 SUSE-SU-2021:2136-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information MozillaFirefox-68.6.1-lp151.2.39 is installed OR MozillaFirefox-branding-upstream-68.6.1-lp151.2.39 is installed OR MozillaFirefox-buildsymbols-68.6.1-lp151.2.39 is installed OR MozillaFirefox-devel-68.6.1-lp151.2.39 is installed OR MozillaFirefox-translations-common-68.6.1-lp151.2.39 is installed OR MozillaFirefox-translations-other-68.6.1-lp151.2.39 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information libjpeg-turbo-1.5.3-lp152.8.3 is installed OR libjpeg62-62.2.0-lp152.8.3 is installed OR libjpeg62-32bit-62.2.0-lp152.8.3 is installed OR libjpeg62-devel-62.2.0-lp152.8.3 is installed OR libjpeg62-devel-32bit-62.2.0-lp152.8.3 is installed OR libjpeg62-turbo-1.5.3-lp152.8.3 is installed OR libjpeg8-8.1.2-lp152.8.3 is installed OR libjpeg8-32bit-8.1.2-lp152.8.3 is installed OR libjpeg8-devel-8.1.2-lp152.8.3 is installed OR libjpeg8-devel-32bit-8.1.2-lp152.8.3 is installed OR libturbojpeg0-8.1.2-lp152.8.3 is installed OR libturbojpeg0-32bit-8.1.2-lp152.8.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND cryptctl-2.4-4.5.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information graphviz-2.40.1-6.3 is installed OR graphviz-devel-2.40.1-6.3 is installed OR graphviz-plugins-core-2.40.1-6.3 is installed OR libgraphviz6-2.40.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information libfpm_pb0-1.1.1-2 is installed OR libospf0-1.1.1-2 is installed OR libospfapiclient0-1.1.1-2 is installed OR libquagga_pb0-1.1.1-2 is installed OR libzebra1-1.1.1-2 is installed OR quagga-1.1.1-2 is installed OR quagga-devel-1.1.1-2 is installed
BACK