Oval Definition:oval:org.opensuse.security:def:70267
Revision Date:2021-08-16Version:1
Title:Security update for cpio (Important)
Description:

This update for cpio fixes the following issues:

It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)

UPDATE: This update was buggy and could lead to hangs, so it has been retracted. There will be a follow up update.

Family:unixClass:patch
Status:Reference(s):1172745
1174421
1189206
CVE-2015-3243
CVE-2020-15705
CVE-2021-38185
SUSE-SU-2020:2306-1
SUSE-SU-2021:2689-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • grub2-2.04-9.15 is installed
  • OR grub2-arm64-efi-2.04-9.15 is installed
  • OR grub2-i386-pc-2.04-9.15 is installed
  • OR grub2-powerpc-ieee1275-2.04-9.15 is installed
  • OR grub2-s390x-emu-2.04-9.15 is installed
  • OR grub2-snapper-plugin-2.04-9.15 is installed
  • OR grub2-systemd-sleep-plugin-2.04-9.15 is installed
  • OR grub2-x86_64-efi-2.04-9.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • rsyslog-module-gssapi-8.39.0-2 is installed
  • OR rsyslog-module-gtls-8.39.0-2 is installed
  • OR rsyslog-module-mysql-8.39.0-2 is installed
  • OR rsyslog-module-pgsql-8.39.0-2 is installed
  • OR rsyslog-module-relp-8.39.0-2 is installed
  • OR rsyslog-module-snmp-8.39.0-2 is installed
  • OR rsyslog-module-udpspoof-8.39.0-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • cpio-2.12-3.6.1 is installed
  • OR cpio-lang-2.12-3.6.1 is installed
  • OR cpio-mt-2.12-3.6.1 is installed
    • BACK