OVAL Reference oval:org.opensuse.security:def:70467

Oval Definition:

oval:org.opensuse.security:def:70467

Revision Date:	2021-08-20	Version:	1
Title:	Security update for spice-vdagent (Moderate)
Description:	This update for spice-vdagent fixes the following issues: - CVE-2020-25650: memory DoS via arbitrary entries in `active_xfers` hash table (bsc#1177780) - CVE-2020-25651: possible file transfer DoS and information leak via `active_xfers` hash map (bsc#1177781) - CVE-2020-25652: possibility to exhaust file descriptors in `vdagentd` (bsc#1177782) - CVE-2020-25653: UNIX domain socket peer PID retrieved via `SO_PEERCRED` is subject to race condition (bsc#1177783)
Family:	unix	Class:	patch
Status:		Reference(s):	1115645 1154817 1172491 1173202 1177780 1177781 1177782 1177783 CVE-2020-13790 CVE-2020-1967 CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 SUSE-SU-2020:2569-1 SUSE-SU-2021:2803-1
Platform(s):	SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP1	Product(s):
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND Package Information libjpeg-turbo-1.5.3-5.15 is installed OR libjpeg8-32bit-8.1.2-5.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information cargo-doc-1.43.1-12 is installed OR rust-1.43.1-12 is installed OR rust-doc-1.43.1-12 is installed OR rust-gdb-1.43.1-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed AND spice-vdagent-0.17.0-4.3.1 is installed

BACK