Oval Definition:oval:org.opensuse.security:def:70453
Revision Date:2021-08-16Version:1
Title:Security update for cpio (Important)
Description:

This update for cpio fixes the following issues:

It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)

UPDATE: This update was buggy and could lead to hangs, so it has been retracted. There will be a follow up update.

Family:unixClass:patch
Status:Reference(s):1172175
1172176
1172402
1189206
CVE-2020-11076
CVE-2020-11077
CVE-2020-12405
CVE-2020-12406
CVE-2020-12410
CVE-2021-38185
SUSE-SU-2020:1556-1
SUSE-SU-2021:2689-1
Platform(s):SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • MozillaFirefox-68.9.0-3.91 is installed
  • OR MozillaFirefox-devel-68.9.0-3.91 is installed
  • OR MozillaFirefox-translations-common-68.9.0-3.91 is installed
  • OR MozillaFirefox-translations-other-68.9.0-3.91 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • ruby2.5-rubygem-puma-doc-4.3.5-3.3 is installed
  • OR rubygem-puma-4.3.5-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • cpio-2.12-3.6.1 is installed
  • OR cpio-lang-2.12-3.6.1 is installed
  • OR cpio-mt-2.12-3.6.1 is installed
    • BACK