Oval Definition:oval:org.opensuse.security:def:78440
Revision Date:2016-09-27Version:1
Title:Security update for flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (Moderate)
Description:



Various packages included vulnerable parsers generated by 'flex'.

This update provides a fixed 'flex' package and also rebuilds of packages that might have security issues caused by the auto generated code.

Flex itself was updated to fix a buffer overflow in the generated scanner (bsc#990856, CVE-2016-6354)

Packages that were rebuilt with the fixed flex: - at - bogofilter - cyrus-imapd - kdelibs4 - libQtWebKit4 - libbonobo - mdbtools - netpbm - openslp - sgmltool - virtuoso

Also libqt5-qtwebkit received an additional security fix: - CVE-2015-8079: QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode (bsc#954210).
Family:unixClass:patch
Status:Reference(s):954210
990856
CVE-2015-8079
CVE-2016-6354
SUSE-SU-2016:2397-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • at-3.1.14-7.3 is installed
  • OR bogofilter-1.2.4-5.3 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3.1 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3.1 is installed
  • OR libbonobo-2.32.1-16.1 is installed
  • OR libbonobo-32bit-2.32.1-16.1 is installed
  • OR libbonobo-lang-2.32.1-16.1 is installed
  • OR libkde4-4.12.0-7.3 is installed
  • OR libkde4-32bit-4.12.0-7.3 is installed
  • OR libkdecore4-4.12.0-7.3 is installed
  • OR libkdecore4-32bit-4.12.0-7.3 is installed
  • OR libksuseinstall1-4.12.0-7.3 is installed
  • OR libksuseinstall1-32bit-4.12.0-7.3 is installed
  • OR libnetpbm11-10.66.3-4.1 is installed
  • OR libnetpbm11-32bit-10.66.3-4.1 is installed
  • OR netpbm-10.66.3-4.1 is installed
  • OR openslp-2.0.0-11.1 is installed
  • OR openslp-32bit-2.0.0-11.1 is installed
    • BACK