Oval Definition:oval:org.opensuse.security:def:74738
Revision Date:2021-10-20Version:1
Title:Security update for xstream (Important)
Description:

This update for xstream fixes the following issues:

- Upgrade to 1.4.18 - CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. (bsc#1189798) - CVE-2021-39140: Fixed an issue that allowed an attacker to execute a DoS attack by manipulating the processed input stream. (bsc#1189798) - CVE-2021-39141: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39144: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39145: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39146: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39147: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39148: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39149: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39150: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39151: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39152: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39153: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39154: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
Family:unixClass:patch
Status:Reference(s):1163889
1171572
1171579
1189798
CVE-2020-8154
CVE-2020-8155
CVE-2020-8955
CVE-2021-39139
CVE-2021-39140
CVE-2021-39141
CVE-2021-39144
CVE-2021-39145
CVE-2021-39146
CVE-2021-39147
CVE-2021-39148
CVE-2021-39149
CVE-2021-39150
CVE-2021-39151
CVE-2021-39152
CVE-2021-39153
CVE-2021-39154
openSUSE-SU-2020:0248-1
openSUSE-SU-2020:0670-1
SUSE-SU-2021:3476-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Development Tools 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • weechat-2.1-lp151.3.3 is installed
  • OR weechat-aspell-2.1-lp151.3.3 is installed
  • OR weechat-devel-2.1-lp151.3.3 is installed
  • OR weechat-guile-2.1-lp151.3.3 is installed
  • OR weechat-lang-2.1-lp151.3.3 is installed
  • OR weechat-lua-2.1-lp151.3.3 is installed
  • OR weechat-perl-2.1-lp151.3.3 is installed
  • OR weechat-python-2.1-lp151.3.3 is installed
  • OR weechat-ruby-2.1-lp151.3.3 is installed
  • OR weechat-tcl-2.1-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP3 is installed
  • AND xstream-1.4.18-3.14.1 is installed
    • BACK