Vulnerability CVE-2018-16877

Vulnerability Name:

CVE-2018-16877 (CCN-159859)

Assigned:

2018-09-11

Published:

2019-04-17

Updated:

2022-10-07

Summary:

A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

8.8 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
7.7 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-287

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2018-16877

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2019:1342

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2019:1400

Source: BID
Type: Broken Link
108042

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1278

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1279

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16877

Source: XF
Type: UNKNOWN
pacemaker-cve201816877-priv-esc(159859)

Source: CCN
Type: pacemaker GIT Repository
High: cumulative patchset to fix CVE-2019-3885, CVE-2018-16877, CVE-2018-16878 + additional unmasked null pointer deref #1749

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/ClusterLabs/pacemaker/pull/1749

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210106 [SECURITY] [DLA 2519-1] pacemaker security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2019-e71f6f36ac

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2019-b502250ba4

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2019-e4c8de3fb7

Source: CCN
Type: oss-sec Mailing List, Wed, 17 Apr 2019 15:10:23 +0530
3 pacemaker security flaws

Source: UBUNTU
Type: Third Party Advisory
USN-3952-1

Source: CCN
Type: IBM Security Bulletin 6382912 (MQ)
IBM MQ is affected by multiple vulnerabilities in Pacemaker

Source: CCN
Type: IBM Security Bulletin 6388650 (MQ Appliance)
IBM MQ Appliance is affected by Pacemaker vulnerabilities (CVE-2018-16878, CVE-2018-16877, CVE-2019-3885)

Source: CCN
Type: IBM Security Bulletin 6558082 (WebSphere Cast Iron)
WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-16877

Vulnerable Configuration:

Configuration 1:

cpe:/a:clusterlabs:pacemaker:*:*:*:*:*:*:*:* (Version <= 2.0.0)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:28:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:29:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:opensuse:leap:42.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:leap:15.0:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 5:

cpe:/a:redhat:enterprise_linux:8::highavailability:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:8::resilientstorage:*:*:*:*:*

Configuration CCN 1:

cpe:/a:clusterlabs:pacemaker:2.0.1:*:*:*:*:*:*:*

AND

cpe:/a:ibm:websphere_cast_iron:7.5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:7.5.2.0:*:*:*:professional:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.0.0:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.0.2:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.2:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq:9.1.0:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.0.3:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.3:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.4:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq_appliance:9.1.5:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:mq:9.2.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201816877	V	CVE-2018-16877	2022-09-02
oval:org.opensuse.security:def:6346	P	Security update for libEMF (Moderate) (in QA)	2022-08-29
oval:org.opensuse.security:def:19	P	btrfsmaintenance-0.4.2-1.11 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:6324	P	Security update for libreoffice (Moderate)	2022-04-04
oval:org.opensuse.security:def:112753	P	libpacemaker-devel-2.1.0+20210816.c6a4f6e6c-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10443	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:7297	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2021-12-15
oval:org.opensuse.security:def:10375	P	Security update for mariadb (Moderate)	2021-12-06
oval:org.opensuse.security:def:4235	P	Security update for wireshark (Moderate)	2021-12-06
oval:org.opensuse.security:def:10367	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:10666	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:4162	P	Security update for flatpak (Important)	2021-10-20
oval:org.opensuse.security:def:7275	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP3) (Important)	2021-10-12
oval:org.opensuse.security:def:106225	P	libpacemaker-devel-2.1.0+20210816.c6a4f6e6c-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:6454	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:4149	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:67542	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:13929	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13983	P	mailman-2.1.17-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13968	P	libudisks2-0-2.1.3-1.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13907	P	libhivex0-1.3.10-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13997	P	pam-modules-12.1-23.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13946	P	libproxy1-0.4.13-16.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14005	P	perl-LWP-Protocol-https-6.04-5.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13975	P	libvte9-0.28.2-19.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:10688	P	Security update for MozillaThunderbird (Important)	2021-07-22
oval:org.opensuse.security:def:4141	P	Security update for caribou (Important)	2021-07-20
oval:org.opensuse.security:def:4204	P	Security update for MozillaFirefox (Important)	2021-07-19
oval:org.opensuse.security:def:6473	P	Security update for the Linux Kernel (Important)	2021-06-28
oval:org.opensuse.security:def:13324	P	java-1_7_0-openjdk-1.7.0.6-33.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11326	P	java-1_7_0-openjdk-plugin-1.5.1-1.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13279	P	cups-filters-1.0.58-2.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13345	P	libXtst6-1.2.2-3.59 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70895	P	ecryptfs-utils-111-2.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13315	P	gv-3.7.4-1.36 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13269	P	bzip2-1.0.6-27.1129 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13254	P	accountsservice-0.6.35-1.126 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13332	P	libMagickCore-6_Q16-1-6.8.8.1-5.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13256	P	ant-1.9.4-1.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13323	P	jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13308	P	gnome-keyring-3.10.1-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13295	P	fetchmail-6.3.26-5.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11348	P	libXvMC1-1.0.8-3.57 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13271	P	clamav-0.98.4-1.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13337	P	libXfixes3-32bit-5.0.1-3.53 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13286	P	dhcp-4.2.6-7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70782	P	Security update for MozillaThunderbird (Moderate)	2021-06-04
oval:org.opensuse.security:def:5043	P	Security update for curl (Moderate)	2021-05-26
oval:org.opensuse.security:def:4383	P	Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) (Important)	2021-04-07
oval:org.opensuse.security:def:10675	P	Security update for evolution-data-server (Moderate)	2021-03-24
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:6316	P	Security update for ImageMagick (Moderate)	2021-02-25
oval:org.opensuse.security:def:10599	P	Security update for MozillaThunderbird (Important)	2021-01-29
oval:org.opensuse.security:def:5021	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:4369	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2020-12-07
oval:org.opensuse.security:def:13071	P	libspice-server1-0.12.8-12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13246	P	apache2-mod_wsgi-4.4.13-2.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12986	P	libfreetype6-2.6.3-7.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13098	P	libwsman1-2.4.11-21.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13124	P	openvpn-2.3.8-16.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12994	P	libgssglue1-0.4-3.76 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13024	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13171	P	rtkit-0.11_git201205151338-8.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13051	P	libprocps3-3.3.9-11.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:89539	P	libpacemaker-devel-2.0.1+20190417.13d370ca9-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13205	P	update-alternatives-1.18.4-14.216 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13109	P	logrotate-3.11.0-2.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13013	P	libksba8-1.3.0-23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12978	P	libdjvulibre21-3.5.25.3-5.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13152	P	python-cryptography-1.3.1-7.13.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103194	P	libpacemaker-devel-2.0.1+20190417.13d370ca9-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13029	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13180	P	spice-vdagent-0.16.0-8.5.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13062	P	libruby2_1-2_1-2.1.9-18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13179	P	socat-1.7.2.4-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:96504	P	libpacemaker-devel-2.0.1+20190417.13d370ca9-1.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13243	P	cpp5-5.3.1+r233831-9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13137	P	perl-Archive-Zip-1.34-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13021	P	libmicrohttpd10-0.9.30-5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13105	P	libykcs11-1-1.5.0-3.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13247	P	libpython3_4m1_0-3.4.1-2.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13016	P	libldb1-1.5.4-1.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13160	P	python-requests-2.18.2-8.4.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12805	P	libpacemaker3-1.1.21+20190809.bf34b44fa-1.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13218	P	xlockmore-5.43-5.30 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12948	P	libXdmcp6-1.1.1-12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13090	P	libvirt-5.1.0-11.10 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4026	P	libpacemaker-devel-1.1.21+20190809.bf34b44fa-1.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13086	P	libupsclient1-2.7.4-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12956	P	libXpm4-3.5.11-5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13145	P	perl-YAML-LibYAML-0.38-10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13143	P	perl-Tk-804.031-5.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13043	P	libpcre1-32bit-8.39-8.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16862	P	libpacemaker-devel-1.1.21+20190809.bf34b44fa-1.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4344	P	Security update for the Linux Kernel (Live Patch 12 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4324	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4379	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:6439	P	Security update for java-1_8_0-openjdk (Important)	2020-12-02
oval:org.opensuse.security:def:4263	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4376	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4247	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:18016	P	Security update for dovecot22 (Moderate)	2020-12-01
oval:org.opensuse.security:def:18215	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:18974	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:17894	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:6615	P	gnome-keyring on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17804	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:18213	P	Security update for gdk-pixbuf (Low)	2020-12-01
oval:org.opensuse.security:def:18314	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:18768	P	Security update for pacemaker (Important)	2020-12-01
oval:org.opensuse.security:def:17765	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17980	P	Security update for libquicktime (Moderate)	2020-12-01
oval:org.opensuse.security:def:17860	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:64195	P	libpacemaker-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17747	P	Security update for libarchive (Moderate)	2020-12-01
oval:org.opensuse.security:def:18103	P	Security update for libXdmcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:18302	P	Security update for libmicrohttpd (Moderate)	2020-12-01
oval:org.opensuse.security:def:10524	P	libnettle-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18013	P	Security update for firebird (Moderate)	2020-12-01
oval:org.opensuse.security:def:18104	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:17949	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:18913	P	Security update for pacemaker (Important)	2020-12-01
oval:org.opensuse.security:def:17852	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:18742	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:17662	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:18067	P	Security update for libgme (Important)	2020-12-01
oval:org.opensuse.security:def:6606	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10505	P	libid3tag-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17981	P	Recommended update for dbus-1 (Low)	2020-12-01
oval:org.opensuse.security:def:18082	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17892	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:64108	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:6392	P	libjpeg-turbo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18158	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:18249	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17628	P	Security update for mpfr (Moderate)	2020-12-01
oval:org.opensuse.security:def:18036	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:6573	P	cracklib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6637	P	hyper-v on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19000	P	Security update for pacemaker (Important)	2020-12-01
oval:org.opensuse.security:def:10490	P	libcurl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17871	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:18070	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:18887	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:17807	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:18126	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:18227	P	Security update for util-linux (Important)	2020-12-01
oval:org.opensuse.security:def:17620	P	Security update for libwmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:17979	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:6548	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6624	P	gstreamer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67442	P	Security update for SUSE Manager Proxy 4.1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17835	P	Security update for openslp (Moderate)	2020-12-01
oval:org.opensuse.security:def:18245	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:18336	P	Security update for ghostscript (Moderate)	2020-12-01
oval:org.opensuse.security:def:17773	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:10624	P	ant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:125070	P	Security update for pacemaker (Important)	2019-09-02
oval:org.opensuse.security:def:125957	P	Security update for pacemaker (Important)	2019-09-02
oval:com.redhat.rhsa:def:20191278	P	RHSA-2019:1278: pacemaker security update (Important)	2019-05-27
oval:com.redhat.rhsa:def:20191279	P	RHSA-2019:1279: pacemaker security and bug fix update (Important)	2019-05-27
oval:org.opensuse.security:def:125062	P	Security update for pacemaker (Important)	2019-04-26
oval:org.opensuse.security:def:125870	P	Security update for pacemaker (Important)	2019-04-26
oval:com.ubuntu.xenial:def:2018168770000000	V	CVE-2018-16877 on Ubuntu 16.04 LTS (xenial) - medium.	2019-04-18
oval:com.ubuntu.cosmic:def:201816877000	V	CVE-2018-16877 on Ubuntu 18.10 (cosmic) - medium.	2019-04-18
oval:com.ubuntu.bionic:def:201816877000	V	CVE-2018-16877 on Ubuntu 18.04 LTS (bionic) - medium.	2019-04-18
oval:com.ubuntu.cosmic:def:2018168770000000	V	CVE-2018-16877 on Ubuntu 18.10 (cosmic) - medium.	2019-04-18
oval:com.ubuntu.xenial:def:201816877000	V	CVE-2018-16877 on Ubuntu 16.04 LTS (xenial) - medium.	2019-04-18
oval:com.ubuntu.bionic:def:2018168770000000	V	CVE-2018-16877 on Ubuntu 18.04 LTS (bionic) - medium.	2019-04-18
oval:com.ubuntu.disco:def:2018168770000000	V	CVE-2018-16877 on Ubuntu 19.04 (disco) - medium.	2019-04-18
oval:com.ubuntu.trusty:def:201816877000	V	CVE-2018-16877 on Ubuntu 14.04 LTS (trusty) - medium.	2019-04-18

BACK