Vulnerabilities > CVE-2018-7685 - Improper Verification of Cryptographic Signature vulnerability in Opensuse Libzypp
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Padding Oracle Crypto Attack An attacker is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an attacker is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an attacker is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key. Any cryptosystem can be vulnerable to padding oracle attacks if the encrypted messages are not authenticated to ensure their validity prior to decryption, and then the information about padding error is leaked to the attacker. This attack technique may be used, for instance, to break CAPTCHA systems or decrypt/modify state information stored in client side objects (e.g., hidden fields or cookies). This attack technique is a side-channel attack on the cryptosystem that uses a data leak from an improperly implemented decryption routine to completely subvert the cryptosystem. The one bit of information that tells the attacker whether a padding error during decryption has occurred, in whatever form it comes, is sufficient for the attacker to break the cryptosystem. That bit of information can come in a form of an explicit error message about a padding error, a returned blank page, or even the server taking longer to respond (a timing attack). This attack can be launched cross domain where an attacker is able to use cross-domain information leaks to get the bits of information from the padding oracle from a target system / service with which the victim is communicating. To do so an attacker sends a request containing ciphertext to the target system. Due to the browser's same origin policy, the attacker is not able to see the response directly, but can use cross-domain information leak techniques to still get the information needed (i.e., information on whether or not a padding error has occurred). For instance, this can be done using "img" tag plus the onerror()/onload() events. The attacker's JavaScript can make web browsers to load an image on the target site, and know if the image is loaded or not. This is 1-bit information needed for the padding oracle attack to work: if the image is loaded, then it is valid padding, otherwise it is not.
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2716-1.NASL description This update for libzypp, zypper provides the following fixes : Update libzypp to version 16.17.20 Security issues fixed : PackageProvider: Validate delta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed: lsof: use last seen 2020-06-01 modified 2020-06-02 plugin id 117528 published 2018-09-17 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117528 title SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2716-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:2716-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(117528); script_version("1.3"); script_cvs_date("Date: 2019/09/10 13:51:49"); script_cve_id("CVE-2017-9269", "CVE-2018-7685"); script_name(english:"SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2716-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for libzypp, zypper provides the following fixes : Update libzypp to version 16.17.20 Security issues fixed : PackageProvider: Validate delta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed: lsof: use '-K i' if lsof supports it (bsc#1099847, bsc#1036304) Handle http error 502 Bad Gateway in curl backend (bsc#1070851) RepoManager: Explicitly request repo2solv to generate application pseudo packages. libzypp-devel should not require cmake (bsc#1101349) HardLocksFile: Prevent against empty commit without Target having been been loaded (bsc#1096803) Avoid zombie tar processes (bsc#1076192) Update to zypper to version 1.13.45 Security issue fixed: Improve signature check callback messages (bsc#1045735, CVE-2017-9269) add/modify repo: Add options to tune the GPG check settings (bsc#1045735, CVE-2017-9269) Other bugs fixed: XML <install-summary> attribute `packages-to-change` added (bsc#1102429) </install-summary> man: Strengthen that `--config FILE' affects zypper.conf, not zypp.conf (bsc#1100028) Prevent nested calls to exit() if aborted by a signal (bsc#1092413) ansi.h: Prevent ESC sequence strings from going out of scope (bsc#1092413) Fix: zypper bash completion expands non-existing options (bsc#1049825) do not recommend cron (bsc#1079334) Improve signature check callback messages (bsc#1045735) add/modify repo: Add options to tune the GPG check settings (bsc#1045735) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1036304" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1045735" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1049825" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1070851" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1076192" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1079334" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088705" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1091624" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1092413" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1096803" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1099847" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1100028" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1101349" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102429" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-9269/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-7685/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20182716-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f2be265a" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE OpenStack Cloud 7:zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1905=1 SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-1905=1 SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-1905=1 SUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2018-1905=1 OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1905=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzypp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzypp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzypp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zypper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zypper-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zypper-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/01"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"2", reference:"libzypp-16.17.20-27.52.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libzypp-debuginfo-16.17.20-27.52.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libzypp-debugsource-16.17.20-27.52.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"zypper-1.13.45-18.33.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"zypper-debuginfo-1.13.45-18.33.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"zypper-debugsource-1.13.45-18.33.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libzypp / zypper"); }NASL family Fedora Local Security Checks NASL id FEDORA_2018-EC9BC84FDA.NASL description Update to `libzypp-16.17.20` and `zypper-1.13.45` to resolve CVE-2018-7685. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-09-17 plugin id 117510 published 2018-09-17 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117510 title Fedora 27 : libzypp / zypper (2018-ec9bc84fda) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-ec9bc84fda. # include("compat.inc"); if (description) { script_id(117510); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-7685"); script_xref(name:"FEDORA", value:"2018-ec9bc84fda"); script_name(english:"Fedora 27 : libzypp / zypper (2018-ec9bc84fda)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Update to `libzypp-16.17.20` and `zypper-1.13.45` to resolve CVE-2018-7685. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ec9bc84fda" ); script_set_attribute( attribute:"solution", value:"Update the affected libzypp and / or zypper packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libzypp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:zypper"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:27"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/31"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^27([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 27", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC27", reference:"libzypp-16.17.20-1.fc27")) flag++; if (rpm_check(release:"FC27", reference:"zypper-1.13.45-1.fc27")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libzypp / zypper"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-685.NASL description This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching (bsc#1091624, bsc#1088705) - CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) Changes in libzypp : - Update to version 17.6.4 - Automatically fetch repository signing key from gpgkey url (bsc#1088037) - lsof: use last seen 2020-06-01 modified 2020-06-02 plugin id 123296 published 2019-03-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123296 title openSUSE Security Update : libzypp / zypper (openSUSE-2019-685) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-685. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(123296); script_version("1.2"); script_cvs_date("Date: 2020/01/30"); script_cve_id("CVE-2017-9269", "CVE-2018-7685"); script_name(english:"openSUSE Security Update : libzypp / zypper (openSUSE-2019-685)"); script_summary(english:"Check for the openSUSE-2019-685 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching (bsc#1091624, bsc#1088705) - CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) Changes in libzypp : - Update to version 17.6.4 - Automatically fetch repository signing key from gpgkey url (bsc#1088037) - lsof: use '-K i' if lsof supports it (bsc#1099847,bsc#1036304) - Check for not imported keys after multi key import from rpmdb (bsc#1096217) - Flags: make it std=c++14 ready - Ignore /var, /tmp and /proc in zypper ps. (bsc#1096617) - Show GPGME version in log - Adapt to changes in libgpgme11-11.1.0 breaking the signature verification (bsc#1100427) - RepoInfo::provideKey: add report telling where we look for missing keys. - Support listing gpgkey URLs in repo files (bsc#1088037) - Add new report to request user approval for importing a package key - Handle http error 502 Bad Gateway in curl backend (bsc#1070851) - Add filesize check for downloads with known size (bsc#408814) - Removed superfluous space in translation (bsc#1102019) - Prevent the system from sleeping during a commit - RepoManager: Explicitly request repo2solv to generate application pseudo packages. - libzypp-devel should not require cmake (bsc#1101349) - Avoid zombies from ExternalProgram - Update ApiConfig - HardLocksFile: Prevent against empty commit without Target having been been loaded (bsc#1096803) - lsof: use '-K i' if lsof supports it (bsc#1099847) - Add filesize check for downloads with known size (bsc#408814) - Fix detection of metalink downloads and prevent aborting if a metalink file is larger than the expected data file. - Require libsolv-devel >= 0.6.35 during build (fixing bsc#1100095) - Make use of %license macro (bsc#1082318) Security fix in zypper : - CVE-2017-9269: Improve signature check callback messages (bsc#1045735) Changes in zypper : - Always set error status if any nr of unknown repositories are passed to lr and ref (bsc#1093103) - Notify user about unsupported rpm V3 keys in an old rpm database (bsc#1096217) - Detect read only filesystem on system modifying operations (fixes #199) - Use %license (bsc#1082318) - Handle repo aliases containing multiple ':' in the PackageArgs parser (bsc #1041178) - Fix broken display of detailed query results. - Fix broken search for items with a dash. (bsc#907538, bsc#1043166, bsc#1070770) - Disable repository operations when searching installed packages. (bsc#1084525) - Prevent nested calls to exit() if aborted by a signal. (bsc#1092413) - ansi.h: Prevent ESC sequence strings from going out of scope. (bsc#1092413) - Fix some translation errors. - Support listing gpgkey URLs in repo files (bsc#1088037) - Check for root privileges in zypper verify and si (bsc#1058515) - XML <install-summary> attribute `packages-to-change` added (bsc#1102429) - Add expert (allow-*) options to all installer commands (bsc#428822) - Sort search results by multiple columns (bsc#1066215) - man: Strengthen that `--config FILE' affects zypper.conf, not zypp.conf (bsc#1100028) - Set error status if repositories passed to lr and ref are not known (bsc#1093103) - Do not override table style in search - Fix out of bound read in MbsIterator - Add --supplements switch to search and info - Add setter functions for zypp cache related config values to ZConfig Changes in libsolv : - convert repo2solv.sh script into a binary tool - Make use of %license macro (bsc#1082318) This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1036304" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1041178" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1043166" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1045735" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1058515" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1066215" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1070770" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1070851" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1082318" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1084525" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1088037" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1088705" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1091624" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1092413" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1093103" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096217" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096617" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096803" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1099847" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100028" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100095" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100427" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101349" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1102019" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1102429" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=408814" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=428822" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=907538" ); script_set_attribute( attribute:"solution", value:"Update the affected libzypp / zypper packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-demo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ruby-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ruby-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-aptitude"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-log"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/01"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-debugsource-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-demo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-demo-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-devel-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-devel-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-tools-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-tools-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-debuginfo-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-debugsource-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-devel-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"ruby-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"ruby-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-aptitude-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-debuginfo-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-debugsource-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-log-1.14.10-lp150.2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsolv-debuginfo / libsolv-debugsource / libsolv-demo / etc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1017.NASL description This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching (bsc#1091624, bsc#1088705) - CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) Changes in libzypp : - Update to version 17.6.4 - Automatically fetch repository signing key from gpgkey url (bsc#1088037) - lsof: use last seen 2020-06-05 modified 2018-09-17 plugin id 117524 published 2018-09-17 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117524 title openSUSE Security Update : libzypp / zypper (openSUSE-2018-1017) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-1017. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(117524); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-9269", "CVE-2018-7685"); script_name(english:"openSUSE Security Update : libzypp / zypper (openSUSE-2018-1017)"); script_summary(english:"Check for the openSUSE-2018-1017 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching (bsc#1091624, bsc#1088705) - CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) Changes in libzypp : - Update to version 17.6.4 - Automatically fetch repository signing key from gpgkey url (bsc#1088037) - lsof: use '-K i' if lsof supports it (bsc#1099847,bsc#1036304) - Check for not imported keys after multi key import from rpmdb (bsc#1096217) - Flags: make it std=c++14 ready - Ignore /var, /tmp and /proc in zypper ps. (bsc#1096617) - Show GPGME version in log - Adapt to changes in libgpgme11-11.1.0 breaking the signature verification (bsc#1100427) - RepoInfo::provideKey: add report telling where we look for missing keys. - Support listing gpgkey URLs in repo files (bsc#1088037) - Add new report to request user approval for importing a package key - Handle http error 502 Bad Gateway in curl backend (bsc#1070851) - Add filesize check for downloads with known size (bsc#408814) - Removed superfluous space in translation (bsc#1102019) - Prevent the system from sleeping during a commit - RepoManager: Explicitly request repo2solv to generate application pseudo packages. - libzypp-devel should not require cmake (bsc#1101349) - Avoid zombies from ExternalProgram - Update ApiConfig - HardLocksFile: Prevent against empty commit without Target having been been loaded (bsc#1096803) - lsof: use '-K i' if lsof supports it (bsc#1099847) - Add filesize check for downloads with known size (bsc#408814) - Fix detection of metalink downloads and prevent aborting if a metalink file is larger than the expected data file. - Require libsolv-devel >= 0.6.35 during build (fixing bsc#1100095) - Make use of %license macro (bsc#1082318) Security fix in zypper : - CVE-2017-9269: Improve signature check callback messages (bsc#1045735) Changes in zypper : - Always set error status if any nr of unknown repositories are passed to lr and ref (bsc#1093103) - Notify user about unsupported rpm V3 keys in an old rpm database (bsc#1096217) - Detect read only filesystem on system modifying operations (fixes #199) - Use %license (bsc#1082318) - Handle repo aliases containing multiple ':' in the PackageArgs parser (bsc #1041178) - Fix broken display of detailed query results. - Fix broken search for items with a dash. (bsc#907538, bsc#1043166, bsc#1070770) - Disable repository operations when searching installed packages. (bsc#1084525) - Prevent nested calls to exit() if aborted by a signal. (bsc#1092413) - ansi.h: Prevent ESC sequence strings from going out of scope. (bsc#1092413) - Fix some translation errors. - Support listing gpgkey URLs in repo files (bsc#1088037) - Check for root privileges in zypper verify and si (bsc#1058515) - XML <install-summary> attribute `packages-to-change` added (bsc#1102429) - Add expert (allow-*) options to all installer commands (bsc#428822) - Sort search results by multiple columns (bsc#1066215) - man: Strengthen that `--config FILE' affects zypper.conf, not zypp.conf (bsc#1100028) - Set error status if repositories passed to lr and ref are not known (bsc#1093103) - Do not override table style in search - Fix out of bound read in MbsIterator - Add --supplements switch to search and info - Add setter functions for zypp cache related config values to ZConfig Changes in libsolv : - convert repo2solv.sh script into a binary tool - Make use of %license macro (bsc#1082318) This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1036304" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1041178" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1043166" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1045735" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1058515" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1066215" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1070770" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1070851" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1082318" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1084525" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1088037" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1088705" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1091624" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1092413" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1093103" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096217" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096617" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096803" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1099847" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100028" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100095" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100427" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101349" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1102019" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1102429" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=408814" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=428822" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=907538" ); script_set_attribute( attribute:"solution", value:"Update the affected libzypp / zypper packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-demo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsolv-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ruby-solv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ruby-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-aptitude"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-log"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-debugsource-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-demo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-demo-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-devel-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-devel-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-tools-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsolv-tools-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-debuginfo-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-debugsource-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libzypp-devel-17.6.4-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"perl-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"ruby-solv-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"ruby-solv-debuginfo-0.6.35-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-aptitude-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-debuginfo-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-debugsource-1.14.10-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"zypper-log-1.14.10-lp150.2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libsolv-debuginfo / libsolv-debugsource / libsolv-demo / etc"); }NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1054.NASL description This update for libzypp, zypper fixes the following issues : Update libzypp to version 16.17.20 : Security issues fixed : - PackageProvider: Validate delta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) - PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed : - lsof: use last seen 2020-06-05 modified 2018-09-27 plugin id 117796 published 2018-09-27 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117796 title openSUSE Security Update : libzypp / zypper (openSUSE-2018-1054) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-1054. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(117796); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-7685"); script_name(english:"openSUSE Security Update : libzypp / zypper (openSUSE-2018-1054)"); script_summary(english:"Check for the openSUSE-2018-1054 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for libzypp, zypper fixes the following issues : Update libzypp to version 16.17.20 : Security issues fixed : - PackageProvider: Validate delta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) - PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed : - lsof: use '-K i' if lsof supports it (bsc#1099847, bsc#1036304) - Handle http error 502 Bad Gateway in curl backend (bsc#1070851) - RepoManager: Explicitly request repo2solv to generate application pseudo packages. - libzypp-devel should not require cmake (bsc#1101349) - HardLocksFile: Prevent against empty commit without Target having been been loaded (bsc#1096803) - Avoid zombie tar processes (bsc#1076192) Update to zypper to version 1.13.45 : Other bugs fixed : - XML <install-summary> attribute `packages-to-change` added (bsc#1102429) - man: Strengthen that `--config FILE' affects zypper.conf, not zypp.conf (bsc#1100028) - Prevent nested calls to exit() if aborted by a signal (bsc#1092413) - ansi.h: Prevent ESC sequence strings from going out of scope (bsc#1092413) - Fix: zypper bash completion expands non-existing options (bsc#1049825) This update was imported from the SUSE:SLE-12-SP3:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1036304" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1049825" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1070851" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1076192" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1088705" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1091624" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1092413" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096803" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1099847" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1100028" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1101349" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1102429" ); script_set_attribute( attribute:"solution", value:"Update the affected libzypp / zypper packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libzypp-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-aptitude"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:zypper-log"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.3", reference:"libzypp-16.17.20-27.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libzypp-debuginfo-16.17.20-27.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libzypp-debugsource-16.17.20-27.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"libzypp-devel-16.17.20-27.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"zypper-1.13.45-20.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"zypper-aptitude-1.13.45-20.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"zypper-debuginfo-1.13.45-20.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"zypper-debugsource-1.13.45-20.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"zypper-log-1.13.45-20.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libzypp / libzypp-debuginfo / libzypp-debugsource / libzypp-devel / etc"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2555-1.NASL description This update for libzypp, zypper provides the following fixes : libzypp security fixes : CVE-2018-7685: Validate RPMs before caching (bsc#1091624, bsc#1088705) CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix repo gpg check workflows, mainly for unsigned repos and packages (bsc#1045735, bsc#1038984) libzypp changes : RepoManager: Explicitly request repo2solv to generate application pseudo packages. Prefer calling last seen 2020-06-01 modified 2020-06-02 plugin id 112200 published 2018-08-31 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/112200 title SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2555-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:2555-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(112200); script_version("1.3"); script_cvs_date("Date: 2019/09/10 13:51:49"); script_cve_id("CVE-2017-7435", "CVE-2017-7436", "CVE-2017-9269", "CVE-2018-7685"); script_name(english:"SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2555-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for libzypp, zypper provides the following fixes : libzypp security fixes : CVE-2018-7685: Validate RPMs before caching (bsc#1091624, bsc#1088705) CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix repo gpg check workflows, mainly for unsigned repos and packages (bsc#1045735, bsc#1038984) libzypp changes : RepoManager: Explicitly request repo2solv to generate application pseudo packages. Prefer calling 'repo2solv' rather than 'repo2solv.sh'. libzypp-devel should not require cmake. (bsc#1101349) HardLocksFile: Prevent against empty commit without Target having been loaded. (bsc#1096803) Avoid zombie tar processes. (bsc#1076192) man: Make sure that '--config FILE' affects zypper.conf, not zypp.conf. (bsc#1100028) ansi.h: Prevent ESC sequence strings from going out of scope. (bsc#1092413) RepoInfo: add enum GpgCheck for convenient gpgcheck mode handling (bsc#1045735) repo refresh: Re-probe if the repository type changes (bsc#1048315) Use common workflow for downloading packages and srcpackages. This includes a common way of handling and reporting gpg signature and checks. (bsc#1037210) PackageProvider: as well support downloading SrcPackage (for bsc#1037210) Adapt to work with GnuPG 2.1.23 (bsc#1054088) Use 'gpg --list-packets' to determine the keyid to verify a signature. Handle http error 502 Bad Gateway in curl backend (bsc#1070851) zypper security fixes : Improve signature check callback messages (bsc#1045735, CVE-2017-9269) add/modify repo: Add options to tune the GPG check settings (bsc#1045735, CVE-2017-9269) Adapt download callback to report and handle unsigned packages (bsc#1038984, CVE-2017-7436) zypper changes : download: fix crash when non-package types are passed as argument (bsc#1037210) XML <install-summary> attribute `packages-to-change` added (bsc#1102429) </install-summary> Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1037210" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1038984" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1045735" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1048315" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1054088" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1070851" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1076192" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088705" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1091624" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1092413" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1096803" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1100028" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1101349" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102429" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7435/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7436/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-9269/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-7685/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20182555-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a9b69723" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1792=1 SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1792=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzypp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzypp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libzypp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zypper"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zypper-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:zypper-debugsource"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/01"); script_set_attribute(attribute:"patch_publication_date", value:"2018/08/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/31"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"1", reference:"libzypp-15.25.17-46.22.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libzypp-debuginfo-15.25.17-46.22.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libzypp-debugsource-15.25.17-46.22.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"zypper-1.12.59-46.10.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"zypper-debuginfo-1.12.59-46.10.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"zypper-debugsource-1.12.59-46.10.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libzypp / zypper"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2688-1.NASL description This update for libzypp, zypper fixes the following issues : libzypp security fixes : PackageProvider: Validate delta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Be sure bad packages do not stay in the cache (bsc#1045735, CVE-2017-9269) Fix repo gpg check workflows, mainly for unsigned repos and packages (bsc#1045735, bsc#1038984, CVE-2017-7435, CVE-2017-7436, CVE-2017-9269) libzypp other changes/bugs fixed: Update to version 14.45.17 RepoInfo: add enum GpgCheck for convenient gpgcheck mode handling (bsc#1045735) repo refresh: Re-probe if the repository type changes (bsc#1048315) Use common workflow for downloading packages and srcpackages. This includes a common way of handling and reporting gpg signature and checks. (bsc#1037210) PackageProvider: as well support downloading SrcPackage (for bsc#1037210) Adapt to work with GnuPG 2.1.23 (bsc#1054088) repo refresh: Re-probe if the repository type changes (bsc#1048315) Handle http error 502 Bad Gateway in curl backend (bsc#1070851) RepoManager: Explicitly request repo2solv to generate application pseudo packages. Prefer calling last seen 2020-06-01 modified 2020-06-02 plugin id 117453 published 2018-09-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117453 title SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2688-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2814-1.NASL description This update for libzypp, zypper fixes the following issues : Update libzypp to version 16.17.20 : Security issues fixed : PackageProvider: Validate deta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed: lsof: use last seen 2020-06-01 modified 2020-06-02 plugin id 117694 published 2018-09-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117694 title SUSE SLED12 / SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2814-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2716-2.NASL description This update for libzypp, zypper provides the following fixes : Update libzypp to version 16.17.20 Security issues fixed : PackageProvider: Validate delta rpms before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) PackageProvider: Validate downloaded rpm package signatures before caching (bsc#1091624, bsc#1088705, CVE-2018-7685) Other bugs fixed: lsof: use last seen 2020-06-01 modified 2020-06-02 plugin id 118289 published 2018-10-22 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118289 title SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2716-2) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2690-1.NASL description This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : CVE-2018-7685: PackageProvider: Validate RPMs before caching (bsc#1091624, bsc#1088705) CVE-2017-9269: Be sure bad packages do not stay in the cache (bsc#1045735) Changes in libzypp: Update to version 17.6.4 Automatically fetch repository signing key from gpgkey url (bsc#1088037) lsof: use last seen 2020-03-19 modified 2019-01-02 plugin id 120097 published 2019-01-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120097 title SUSE SLED15 / SLES15 Security Update : libzypp, zypper (SUSE-SU-2018:2690-1)
References
- http://lists.suse.com/pipermail/sle-security-updates/2018-August/004510.html
- http://lists.suse.com/pipermail/sle-security-updates/2018-August/004510.html
- https://bugzilla.suse.com/show_bug.cgi?id=1091624
- https://bugzilla.suse.com/show_bug.cgi?id=1091624
- https://www.suse.com/de-de/security/cve/CVE-2018-7685/
- https://www.suse.com/de-de/security/cve/CVE-2018-7685/