Oval Definition:oval:org.opensuse.security:def:94190
Revision Date:2021-10-20Version:1
Title: (Important)
Description:

This update for xstream fixes the following issues:

- Upgrade to 1.4.18 - CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. (bsc#1189798) - CVE-2021-39140: Fixed an issue that allowed an attacker to execute a DoS attack by manipulating the processed input stream. (bsc#1189798) - CVE-2021-39141: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39144: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39145: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39146: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39147: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39148: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39149: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39150: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39151: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39152: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39153: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39154: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)
Family:unixClass:patch
Status:Reference(s):1189798
CVE-2014-8105
CVE-2014-8112
CVE-2015-1854
CVE-2015-3230
CVE-2016-4992
CVE-2016-5416
CVE-2017-15134
CVE-2017-15135
CVE-2018-1054
CVE-2018-10850
CVE-2018-10871
CVE-2018-1089
CVE-2018-10935
CVE-2018-14624
CVE-2018-14638
CVE-2018-14648
CVE-2019-14824
CVE-2019-3883
CVE-2021-39139
CVE-2021-39140
CVE-2021-39141
CVE-2021-39144
CVE-2021-39145
CVE-2021-39146
CVE-2021-39147
CVE-2021-39148
CVE-2021-39149
CVE-2021-39150
CVE-2021-39151
CVE-2021-39152
CVE-2021-39153
CVE-2021-39154
Platform(s):Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • 389-ds-1.4.3.9~git0.3eb8617f6-1.2 is installed
  • OR 389-ds-devel-1.4.3.9~git0.3eb8617f6-1.2 is installed
  • OR lib389-1.4.3.9~git0.3eb8617f6-1.2 is installed
  • OR libsvrcore0-1.4.3.9~git0.3eb8617f6-1.2 is installed
    • Definition Synopsis
  • Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 is installed
  • AND xstream-1.4.18-3.14.1 is installed
    • BACK