Oval Definition:oval:org.opensuse.security:def:66881
Revision Date:2021-08-05Version:1
Title:Security update for apache-commons-compress (Important)
Description:

This update for apache-commons-compress fixes the following issues:

- Updated to 1.21 - CVE-2021-35515: Fixed an infinite loop when reading a specially crafted 7Z archive. (bsc#1188463) - CVE-2021-35516: Fixed an excessive memory allocation when reading a specially crafted 7Z archive. (bsc#1188464) - CVE-2021-35517: Fixed an excessive memory allocation when reading a specially crafted TAR archive. (bsc#1188465) - CVE-2021-36090: Fixed an excessive memory allocation when reading a specially crafted ZIP archive. (bsc#1188466)
Family:unixClass:patch
Status:Reference(s):1188463
1188464
1188465
1188466
CVE-2017-16899
CVE-2017-6414
CVE-2018-16140
CVE-2021-35515
CVE-2021-35516
CVE-2021-35517
CVE-2021-36090
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • libcacard-devel-2.5.3-1 is installed
  • OR libcacard0-2.5.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND transfig-3.2.6a-4.6 is installed
    • BACK