Oval Definition:oval:org.opensuse.security:def:94031
Revision Date:2022-06-02Version:1
Title: (Moderate)
Description:

This update for patch fixes the following issues:

Security issues fixed:

- CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041). - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).

Bugfixes:

- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572). - Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).
Family:unixClass:patch
Status:Reference(s):1080985
1111572
1142041
1198106
CVE-2017-12596
CVE-2017-14988
CVE-2017-9110
CVE-2017-9111
CVE-2017-9112
CVE-2017-9113
CVE-2017-9114
CVE-2017-9115
CVE-2017-9116
CVE-2018-18444
CVE-2018-6952
CVE-2019-13636
CVE-2020-11758
CVE-2020-11760
CVE-2020-11761
CVE-2020-11762
CVE-2020-11763
CVE-2020-11764
CVE-2020-11765
Platform(s):Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • libIlmImf-2_2-23-2.2.1-3.14.1 is installed
  • OR libIlmImfUtil-2_2-23-2.2.1-3.14.1 is installed
  • OR openexr-devel-2.2.1-3.14.1 is installed
    • Definition Synopsis
  • Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure is installed
  • AND patch-2.7.6-150000.5.3.1 is installed
    • BACK