Oval Definition:oval:org.opensuse.security:def:66954
Revision Date:2021-10-20Version:1
Title:Security update for xstream (Important)
Description:

This update for xstream fixes the following issues:

- Upgrade to 1.4.18 - CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. (bsc#1189798) - CVE-2021-39140: Fixed an issue that allowed an attacker to execute a DoS attack by manipulating the processed input stream. (bsc#1189798) - CVE-2021-39141: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39144: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39145: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39146: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39147: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39148: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39149: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39150: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39151: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39152: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39153: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39154: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
Family:unixClass:patch
Status:Reference(s):1100369
1109160
1118367
1118368
1128220
1156205
1157051
1161168
1170667
1170713
1171313
1171740
1172958
1173307
1173311
1173983
1175443
1176092
1176674
1189798
906079
CVE-2013-6487
CVE-2014-3775
CVE-2017-3136
CVE-2018-5741
CVE-2019-6477
CVE-2020-8616
CVE-2020-8617
CVE-2020-8618
CVE-2020-8619
CVE-2020-8620
CVE-2020-8621
CVE-2020-8622
CVE-2020-8623
CVE-2020-8624
CVE-2021-39139
CVE-2021-39140
CVE-2021-39141
CVE-2021-39144
CVE-2021-39145
CVE-2021-39146
CVE-2021-39147
CVE-2021-39148
CVE-2021-39149
CVE-2021-39150
CVE-2021-39151
CVE-2021-39152
CVE-2021-39153
CVE-2021-39154
SUSE-SU-2020:2914-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • bind-9.16.6-12.32 is installed
  • OR bind-devel-9.16.6-12.32 is installed
  • OR bind-utils-9.16.6-12.32 is installed
  • OR libbind9-1600-9.16.6-12.32 is installed
  • OR libdns1605-9.16.6-12.32 is installed
  • OR libirs-devel-9.16.6-12.32 is installed
  • OR libirs1601-9.16.6-12.32 is installed
  • OR libisc1606-9.16.6-12.32 is installed
  • OR libisccc1600-9.16.6-12.32 is installed
  • OR libisccfg1600-9.16.6-12.32 is installed
  • OR libns1604-9.16.6-12.32 is installed
  • OR python3-bind-9.16.6-12.32 is installed
  • OR sysuser-shadow-2.0-4.2 is installed
  • OR sysuser-tools-2.0-4.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • libgadu-devel-1.12.2-1 is installed
  • OR libgadu3-1.12.2-1 is installed
    • BACK