Test ID:	1.3.6.1.4.1.25623.1.1.4.2017.0004.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2017:0004-1)
Summary:	The remote host is missing an update for the 'zlib' package(s) announced via the SUSE-SU-2017:0004-1 advisory.
Description:	Summary: The remote host is missing an update for the 'zlib' package(s) announced via the SUSE-SU-2017:0004-1 advisory. Vulnerability Insight: This update for zlib fixes the following issues: CVE-2016-9843: Big-endian out-of-bounds pointer (bsc#1013882) CVE-2016-9842: Undefined Left Shift of Negative Number (bsc#1003580) CVE-2016-9840 CVE-2016-9841: Out-of-bounds pointer arithmetic in inftrees.c (bsc#1003579) Incompatible declarations for external linkage function deflate (bsc#1003577) Affected Software/OS: 'zlib' package(s) on SUSE Linux Enterprise Desktop 12-SP1, SUSE Linux Enterprise Server 12-SP1, SUSE Linux Enterprise Server for SAP Applications 12-SP1. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9840 BugTraq ID: 95131 http://www.securityfocus.com/bid/95131 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://bugzilla.redhat.com/show_bug.cgi?id=1402345 https://github.com/madler/zlib/commit/6a043145ca6e9c55184013841a67b2fef87e44c0 https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208115 https://support.apple.com/HT208144 https://security.gentoo.org/glsa/201701-56 https://security.gentoo.org/glsa/202007-54 https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib https://wiki.mozilla.org/images/0/09/Zlib-report.pdf https://www.oracle.com/security-alerts/cpujul2020.html https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html http://www.openwall.com/lists/oss-security/2016/12/05/21 RedHat Security Advisories: RHSA-2017:1220 https://access.redhat.com/errata/RHSA-2017:1220 RedHat Security Advisories: RHSA-2017:1221 https://access.redhat.com/errata/RHSA-2017:1221 RedHat Security Advisories: RHSA-2017:1222 https://access.redhat.com/errata/RHSA-2017:1222 RedHat Security Advisories: RHSA-2017:2999 https://access.redhat.com/errata/RHSA-2017:2999 RedHat Security Advisories: RHSA-2017:3046 https://access.redhat.com/errata/RHSA-2017:3046 RedHat Security Advisories: RHSA-2017:3047 https://access.redhat.com/errata/RHSA-2017:3047 RedHat Security Advisories: RHSA-2017:3453 https://access.redhat.com/errata/RHSA-2017:3453 http://www.securitytracker.com/id/1039427 SuSE Security Announcement: openSUSE-SU-2016:3202 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html SuSE Security Announcement: openSUSE-SU-2017:0077 (Google Search) http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html SuSE Security Announcement: openSUSE-SU-2017:0080 (Google Search) http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html https://usn.ubuntu.com/4246-1/ https://usn.ubuntu.com/4292-1/ Common Vulnerability Exposure (CVE) ID: CVE-2016-9841 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html https://bugzilla.redhat.com/show_bug.cgi?id=1402346 https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb https://security.netapp.com/advisory/ntap-20171019-0001/ http://www.securitytracker.com/id/1039596 Common Vulnerability Exposure (CVE) ID: CVE-2016-9842 https://bugzilla.redhat.com/show_bug.cgi?id=1402348 https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958 Common Vulnerability Exposure (CVE) ID: CVE-2016-9843 https://bugzilla.redhat.com/show_bug.cgi?id=1402351 https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811 https://security.netapp.com/advisory/ntap-20181018-0002/ http://www.securitytracker.com/id/1041888
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.