Oval Definition:oval:org.opensuse.security:def:65640
Revision Date:2021-06-02Version:1
Title:Security update for xstream (Important)
Description:

This update for xstream fixes the following issues:

- Upgrade to 1.4.16 - CVE-2021-21351: remote attacker to load and execute arbitrary code (bsc#1184796) - CVE-2021-21349: SSRF can lead to a remote attacker to request data from internal resources (bsc#1184797) - CVE-2021-21350: arbitrary code execution (bsc#1184380) - CVE-2021-21348: remote attacker could cause denial of service by consuming maximum CPU time (bsc#1184374) - CVE-2021-21347: remote attacker to load and execute arbitrary code from a remote host (bsc#1184378) - CVE-2021-21344: remote attacker could load and execute arbitrary code from a remote host (bsc#1184375) - CVE-2021-21342: server-side forgery (bsc#1184379) - CVE-2021-21341: remote attacker could cause a denial of service by allocating 100% CPU time (bsc#1184377) - CVE-2021-21346: remote attacker could load and execute arbitrary code (bsc#1184373) - CVE-2021-21345: remote attacker with sufficient rights could execute commands (bsc#1184372) - CVE-2021-21343: replace or inject objects, that result in the deletion of files on the local host (bsc#1184376)
Family:unixClass:patch
Status:Reference(s):1062631
1131644
1131868
1131870
1131871
1131872
1131874
1133640
1144443
1146025
1150934
1156920
1157627
1165849
1166933
1167331
1172053
1172189
1172795
1172796
1184372
1184373
1184374
1184375
1184376
1184377
1184378
1184379
1184380
1184796
1184797
930077
930078
930079
CVE-2015-4141
CVE-2015-4142
CVE-2015-4143
CVE-2015-8041
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088
CVE-2018-14526
CVE-2019-11555
CVE-2019-13377
CVE-2019-16275
CVE-2019-9494
CVE-2019-9495
CVE-2019-9497
CVE-2019-9498
CVE-2019-9499
CVE-2020-12802
CVE-2020-12803
CVE-2021-21341
CVE-2021-21342
CVE-2021-21343
CVE-2021-21344
CVE-2021-21345
CVE-2021-21346
CVE-2021-21347
CVE-2021-21348
CVE-2021-21349
CVE-2021-21350
CVE-2021-21351
SUSE-SU-2021:1840-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Development Tools 15 SP3
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libreoffice-6.4.5.2-8.22 is installed
  • OR libreoffice-gdb-pretty-printers-6.4.5.2-8.22 is installed
  • OR libreoffice-glade-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-am-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-ast-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-be-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-bn_IN-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-bo-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-brx-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-bs-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-ca_valencia-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-dgo-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-en_GB-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-en_ZA-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-fy-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-gd-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-gug-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-hsb-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-id-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-is-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-ka-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-kab-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-km-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-kmr_Latn-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-kok-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-ks-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-lb-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-lo-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-mk-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-mn-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-mni-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-my-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-ne-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-oc-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-om-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-rw-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-sa_IN-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-sat-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-sd-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-sid-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-sq-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-sw_TZ-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-tg-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-tt-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-ug-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-uz-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-vec-6.4.5.2-8.22 is installed
  • OR libreoffice-l10n-vi-6.4.5.2-8.22 is installed
  • OR libreoffice-sdk-6.4.5.2-8.22 is installed
  • OR libreoffice-sdk-doc-6.4.5.2-8.22 is installed
  • OR libreofficekit-devel-6.4.5.2-8.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP3 is installed
  • AND xstream-1.4.16-3.8.1 is installed
    • BACK