Oval Definition:	oval:org.opensuse.security:def:66789
Revision Date: 2021-01-20 Version: 1 Title: Security update for xstream (Important) Description: This update for xstream fixes the following issues: xstream was updated to version 1.4.15. - CVE-2020-26217: Fixed a remote code execution due to insecure XML deserialization when relying on blocklists (bsc#1180994). - CVE-2020-26258: Fixed a server-side request forgery vulnerability (bsc#1180146). - CVE-2020-26259: Fixed an arbitrary file deletion vulnerability (bsc#1180145). Family: unix Class: patch Status: Reference(s): 1180145 1180146 1180994 CVE-2011-2766 CVE-2017-6414 CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 Platform(s): SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND Package Information FastCGI-2.4.0-2 is installed OR FastCGI-devel-2.4.0-2 is installed OR libfcgi0-2.4.0-2 is installed OR perl-FastCGI-2.4.0-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libcacard-devel-2.5.3-1 is installed OR libcacard0-2.5.3-1 is installed
BACK