Oval Definition:oval:org.opensuse.security:def:64927
Revision Date:2020-12-01Version:1
Title:Security update for permissions (Moderate)
Description:

This update for permissions fixes the following issues:

- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary (bsc#1093414). - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links (bsc#1150734). - Fixed a regression which caused sagmentation fault (bsc#1157198).
Family:unixClass:patch
Status:Reference(s):1065600
1065729
1093414
1150734
1155798
1157198
1165548
1165692
1168468
1168554
1171675
1171688
1172177
1172182
1172184
1172186
1173351
1173389
1174003
1174091
1174098
1175599
1175621
1175718
1175807
1176019
1176381
1176400
1176588
1176907
1176979
1177090
1177109
1177121
1177193
1177194
1177206
1177258
1177271
1177283
1177284
1177285
1177286
1177297
1177384
1177511
1177617
1177681
1177683
1177687
1177694
1177697
1177719
1177724
1177725
1177726
802154
954532
CVE-2019-16770
CVE-2019-20907
CVE-2019-3688
CVE-2019-3690
CVE-2019-5418
CVE-2019-5419
CVE-2019-5420
CVE-2020-11076
CVE-2020-11077
CVE-2020-11996
CVE-2020-12351
CVE-2020-12352
CVE-2020-15169
CVE-2020-24490
CVE-2020-25212
CVE-2020-25641
CVE-2020-25643
CVE-2020-25645
CVE-2020-5247
CVE-2020-5249
CVE-2020-5267
CVE-2020-8164
CVE-2020-8165
CVE-2020-8166
CVE-2020-8167
CVE-2020-8184
CVE-2020-8185
openSUSE-SU-2020:1063-1
openSUSE-SU-2020:1698-1
SUSE-SU-2020:2277-1
Platform(s):openSUSE Leap 15.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • tomcat-9.0.36-lp152.2.3 is installed
  • OR tomcat-admin-webapps-9.0.36-lp152.2.3 is installed
  • OR tomcat-docs-webapp-9.0.36-lp152.2.3 is installed
  • OR tomcat-el-3_0-api-9.0.36-lp152.2.3 is installed
  • OR tomcat-embed-9.0.36-lp152.2.3 is installed
  • OR tomcat-javadoc-9.0.36-lp152.2.3 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-lp152.2.3 is installed
  • OR tomcat-jsvc-9.0.36-lp152.2.3 is installed
  • OR tomcat-lib-9.0.36-lp152.2.3 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-lp152.2.3 is installed
  • OR tomcat-webapps-9.0.36-lp152.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • permissions-20181116-9.12 is installed
  • OR permissions-zypp-plugin-20181116-9.12 is installed
    • BACK