Oval Definition:	oval:org.opensuse.security:def:64743
Revision Date: 2021-08-17 Version: 1 Title: Security update for c-ares (Important) Description: This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881) - If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash - Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response - Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing - Use unbuffered /dev/urandom for random data to prevent early startup performance issues Family: unix Class: patch Status: Reference(s): 1103678 1137001 1146608 1151585 1169428 1169729 1173477 1173576 1174148 1174150 1174152 1188881 CVE-2011-3200 CVE-2013-4758 CVE-2013-6370 CVE-2013-6371 CVE-2014-3634 CVE-2014-3683 CVE-2015-3243 CVE-2017-18922 CVE-2019-12450 CVE-2019-14973 CVE-2019-16680 CVE-2020-11736 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-13845 CVE-2020-13846 CVE-2020-13847 CVE-2020-6457 CVE-2021-3672 openSUSE-SU-2020:0541-1 openSUSE-SU-2020:0825-1 openSUSE-SU-2020:0978-1 openSUSE-SU-2020:0982-1 openSUSE-SU-2020:1011-1 openSUSE-SU-2020:1561-1 SUSE-SU-2019:1594-1 SUSE-SU-2021:2760-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-81.0.4044.113-lp151.2.80 is installed OR chromium-81.0.4044.113-lp151.2.80 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND singularity-3.6.0-lp152.2.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND Package Information c-ares-devel-1.17.1+20200724-3.14.1 is installed OR libcares2-1.17.1+20200724-3.14.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information glib2-2.54.3-4.15 is installed OR glib2-devel-2.54.3-4.15 is installed OR glib2-lang-2.54.3-4.15 is installed OR glib2-tools-2.54.3-4.15 is installed OR libgio-2_0-0-2.54.3-4.15 is installed OR libgio-2_0-0-32bit-2.54.3-4.15 is installed OR libglib-2_0-0-2.54.3-4.15 is installed OR libglib-2_0-0-32bit-2.54.3-4.15 is installed OR libgmodule-2_0-0-2.54.3-4.15 is installed OR libgmodule-2_0-0-32bit-2.54.3-4.15 is installed OR libgobject-2_0-0-2.54.3-4.15 is installed OR libgobject-2_0-0-32bit-2.54.3-4.15 is installed OR libgthread-2_0-0-2.54.3-4.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information rsyslog-module-gssapi-8.33.1-3.9 is installed OR rsyslog-module-gtls-8.33.1-3.9 is installed OR rsyslog-module-mysql-8.33.1-3.9 is installed OR rsyslog-module-pgsql-8.33.1-3.9 is installed OR rsyslog-module-relp-8.33.1-3.9 is installed OR rsyslog-module-snmp-8.33.1-3.9 is installed OR rsyslog-module-udpspoof-8.33.1-3.9 is installed
BACK