Oval Definition:oval:org.opensuse.security:def:69513
Revision Date:2021-08-16Version:1
Title:Security update for cpio (Important)
Description:

This update for cpio fixes the following issues:

It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)

UPDATE: This update was buggy and could lead to hangs, so it has been retracted. There will be a follow up update.

Family:unixClass:patch
Status:Reference(s):1149126
1149429
1151186
1152778
1153879
1154738
1163026
1189206
CVE-2019-11757
CVE-2019-11758
CVE-2019-11759
CVE-2019-11760
CVE-2019-11761
CVE-2019-11762
CVE-2019-11763
CVE-2019-11764
CVE-2019-15903
CVE-2020-5208
CVE-2021-38185
SUSE-SU-2019:2912-1
SUSE-SU-2020:0405-1
SUSE-SU-2021:2689-1
Platform(s):SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • ipmitool-1.8.18-7.3 is installed
  • OR ipmitool-bmc-snmp-proxy-1.8.18-7.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • cpio-2.12-3.6.1 is installed
  • OR cpio-lang-2.12-3.6.1 is installed
  • OR cpio-mt-2.12-3.6.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-68.2.1-3.58 is installed
  • OR MozillaThunderbird-translations-common-68.2.1-3.58 is installed
  • OR MozillaThunderbird-translations-other-68.2.1-3.58 is installed
    • BACK