Oval Definition:oval:org.opensuse.security:def:4770
Revision Date:2020-12-02Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (bsc#1126455) - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface (bsc#1125721) - CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature 'md-clear' (bsc#1111331)

Other bugs fixed:

- Use a new approach to handling the file input to -smbios option, which accepts either legacy or per-spec formats regardless of the machine type.
Family:unixClass:patch
Status:Reference(s):1024718
1046299
1050242
1050244
1051510
1055120
1055121
1055186
1058115
1060463
1061840
1065600
1065729
1068273
1071995
1078248
1079935
1082387
1082555
1082653
1083647
1085030
1085535
1086196
1086282
1086283
1086423
1087978
1088386
1089350
1090888
1091405
1091800
1094244
1097593
1097755
1100132
1102875
1102877
1102879
1102882
1102896
1103257
1103356
1103925
1104124
1104353
1104427
1104824
1104967
1105168
1105428
1106105
1106110
1106237
1106240
1106615
1106913
1107256
1107385
1107866
1108270
1108468
1109044
1109272
1109772
1109806
1109911
1110006
1110558
1110998
1111040
1111062
1111174
1111183
1111188
1111331
1111469
1111666
1111696
1111795
1111809
1111921
1112878
1112963
1113295
1113408
1113412
1113501
1113667
1113677
1113722
1113751
1113769
1113780
1113956
1113972
1114015
1114178
1114279
1114385
1114576
1114577
1114578
1114579
1114580
1114581
1114582
1114583
1114584
1114585
1114839
1114871
1115074
1115269
1115431
1115433
1115440
1115567
1115709
1115976
1116040
1116183
1116336
1116692
1116693
1116698
1116699
1116700
1116701
1116803
1116841
1116862
1116863
1116876
1116877
1116878
1116891
1116895
1116899
1116950
1117115
1117162
1117165
1117168
1117172
1117174
1117181
1117184
1117186
1117188
1117189
1117349
1117561
1117656
1117788
1117789
1117790
1117791
1117792
1117794
1117795
1117796
1117798
1117799
1117801
1117802
1117803
1117804
1117805
1117806
1117807
1117808
1117815
1117816
1117817
1117818
1117819
1117820
1117821
1117822
1117953
1118102
1118136
1118137
1118138
1118140
1118152
1118215
1118316
1118319
1118338
1118428
1118484
1118505
1118752
1118760
1118761
1118762
1118766
1118767
1118768
1118769
1118771
1118772
1118773
1118774
1118775
1118798
1118809
1118962
1119017
1119086
1119105
1119212
1119322
1119410
1119714
1119749
1119804
1119946
1119962
1119968
1120036
1120046
1120053
1120054
1120055
1120058
1120088
1120092
1120094
1120096
1120097
1120173
1120214
1120223
1120228
1120230
1120232
1120234
1120235
1120238
1120386
1120594
1120598
1120600
1120601
1120602
1120603
1120604
1120606
1120612
1120613
1120614
1120615
1120616
1120617
1120618
1120620
1120621
1120632
1120633
1120743
1120954
1121017
1121058
1121263
1121273
1121477
1121483
1121599
1121621
1121714
1121715
1121973
1122706
1122983
1123156
1125230
1125721
1126455
1129622
1130675
1137325
1142685
1145051
1145929
1148643
1148868
1150711
1155690
1156202
1157424
1158983
1159037
1159198
1159199
1160682
1161066
1161561
1161951
1162171
1163018
1163403
1163897
1163985
1164284
1164777
1164780
1164893
1165019
1165182
1165185
1165211
1165776
1165823
1165949
1166240
1166780
1166860
1166861
1166862
1166864
1166866
1166867
1166868
1166870
1166940
1166982
1167005
1167152
1167216
1167288
1167290
1167316
1167421
1167423
1167627
1167629
1168075
1168140
1168142
1168143
1168202
1168273
1168276
1168295
1168367
1168424
1168443
1168486
1168552
1168760
1168762
1168763
1168764
1168765
1168829
1168854
1168881
1168884
1168952
1169013
1169057
1169307
1169308
1169390
1169392
1169514
1169625
1169679
1169748
1170940
1171441
1171443
1171444
1171445
1171446
1171447
1171474
1171924
1171928
1172205
1172515
1173247
1173605
1174200
1176315
CVE-2012-2391
CVE-2013-0262
CVE-2013-0263
CVE-2013-0269
CVE-2013-0276
CVE-2013-0277
CVE-2013-1912
CVE-2013-2175
CVE-2014-6269
CVE-2016-5824
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-12232
CVE-2018-12405
CVE-2018-14625
CVE-2018-15587
CVE-2018-16862
CVE-2018-16884
CVE-2018-17466
CVE-2018-18281
CVE-2018-18397
CVE-2018-18492
CVE-2018-18493
CVE-2018-18494
CVE-2018-18498
CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2018-18710
CVE-2018-19407
CVE-2018-19824
CVE-2018-19854
CVE-2018-19985
CVE-2018-20169
CVE-2018-20815
CVE-2018-9568
CVE-2019-11091
CVE-2019-19770
CVE-2019-20372
CVE-2019-20382
CVE-2019-3701
CVE-2019-3812
CVE-2019-3813
CVE-2019-6778
CVE-2019-8934
CVE-2019-9458
CVE-2019-9824
CVE-2020-0543
CVE-2020-10942
CVE-2020-11017
CVE-2020-11018
CVE-2020-11019
CVE-2020-11038
CVE-2020-11039
CVE-2020-11040
CVE-2020-11041
CVE-2020-11043
CVE-2020-11085
CVE-2020-11086
CVE-2020-11087
CVE-2020-11088
CVE-2020-11089
CVE-2020-11095
CVE-2020-11096
CVE-2020-11097
CVE-2020-11098
CVE-2020-11099
CVE-2020-11494
CVE-2020-11521
CVE-2020-11522
CVE-2020-11523
CVE-2020-11524
CVE-2020-11525
CVE-2020-11526
CVE-2020-11669
CVE-2020-11739
CVE-2020-11740
CVE-2020-11741
CVE-2020-11742
CVE-2020-11743
CVE-2020-13396
CVE-2020-13397
CVE-2020-13398
CVE-2020-1711
CVE-2020-1720
CVE-2020-17507
CVE-2020-1983
CVE-2020-4030
CVE-2020-4031
CVE-2020-4032
CVE-2020-4033
CVE-2020-7039
CVE-2020-8608
CVE-2020-8834
CVE-2020-9484
SUSE-SU-2019:0224-1
SUSE-SU-2019:0242-1
SUSE-SU-2019:0338-1
SUSE-SU-2019:1239-1
SUSE-SU-2019:1266-1
SUSE-SU-2020:1146-1
SUSE-SU-2020:1171-1
SUSE-SU-2020:1364-1
SUSE-SU-2020:1523-1
SUSE-SU-2020:1634-1
SUSE-SU-2020:2068-1
SUSE-SU-2020:2149-1
SUSE-SU-2020:2748-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 5
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND haproxy-1.5.4-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • cups-filters-1.0.58-2 is installed
  • OR cups-filters-cups-browsed-1.0.58-2 is installed
  • OR cups-filters-foomatic-rip-1.0.58-2 is installed
  • OR cups-filters-ghostscript-1.0.58-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • bash-4.2-75 is installed
  • OR bash-doc-4.2-75 is installed
  • OR bash-lang-4.2-75 is installed
  • OR libreadline6-6.2-75 is installed
  • OR libreadline6-32bit-6.2-75 is installed
  • OR readline-doc-6.2-75 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • cups-filters-1.0.58-17 is installed
  • OR cups-filters-cups-browsed-1.0.58-17 is installed
  • OR cups-filters-foomatic-rip-1.0.58-17 is installed
  • OR cups-filters-ghostscript-1.0.58-17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND Package Information
  • ctdb-4.2.4-18.35.1 is installed
  • OR samba-4.2.4-18.35.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND python-requests-2.8.1-6.11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND Package Information
  • libpacemaker3-1.1.16-4 is installed
  • OR pacemaker-1.1.16-4 is installed
  • OR pacemaker-cli-1.1.16-4 is installed
  • OR pacemaker-cts-1.1.16-4 is installed
  • OR pacemaker-remote-1.1.16-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND python-requests-2.11.1-6.28 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND ctdb-4.10.5+git.129.35f7bb6e177-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND ant-1.9.4-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_32-33-default-2-3.1 is installed
  • OR kgraft-patch-3_12_32-33-xen-2-3.1 is installed
  • OR kgraft-patch-3_12_36-38-default-2-3.1 is installed
  • OR kgraft-patch-3_12_36-38-xen-2-3.1 is installed
  • OR kgraft-patch-SLE12_Update_1-2-3.1 is installed
  • OR kgraft-patch-SLE12_Update_2-2-3.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • qemu-2.11.2-9.25 is installed
  • OR qemu-arm-2.11.2-9.25 is installed
  • OR qemu-block-curl-2.11.2-9.25 is installed
  • OR qemu-block-iscsi-2.11.2-9.25 is installed
  • OR qemu-block-rbd-2.11.2-9.25 is installed
  • OR qemu-block-ssh-2.11.2-9.25 is installed
  • OR qemu-guest-agent-2.11.2-9.25 is installed
  • OR qemu-ipxe-1.0.0+-9.25 is installed
  • OR qemu-kvm-2.11.2-9.25 is installed
  • OR qemu-lang-2.11.2-9.25 is installed
  • OR qemu-ppc-2.11.2-9.25 is installed
  • OR qemu-s390-2.11.2-9.25 is installed
  • OR qemu-seabios-1.11.0-9.25 is installed
  • OR qemu-sgabios-8-9.25 is installed
  • OR qemu-vgabios-1.11.0-9.25 is installed
  • OR qemu-x86-2.11.2-9.25 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed
  • AND Package Information
  • libQt5Concurrent5-5.6.1-17.6 is installed
  • OR libQt5Core5-5.6.1-17.6 is installed
  • OR libQt5DBus5-5.6.1-17.6 is installed
  • OR libQt5Gui5-5.6.1-17.6 is installed
  • OR libQt5Network5-5.6.1-17.6 is installed
  • OR libQt5OpenGL5-5.6.1-17.6 is installed
  • OR libQt5PrintSupport5-5.6.1-17.6 is installed
  • OR libQt5Sql5-5.6.1-17.6 is installed
  • OR libQt5Sql5-mysql-5.6.1-17.6 is installed
  • OR libQt5Sql5-postgresql-5.6.1-17.6 is installed
  • OR libQt5Sql5-sqlite-5.6.1-17.6 is installed
  • OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed
  • OR libQt5Test5-5.6.1-17.6 is installed
  • OR libQt5Widgets5-5.6.1-17.6 is installed
  • OR libQt5Xml5-5.6.1-17.6 is installed
  • OR libqt5-qtbase-5.6.1-17.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • apache2-2.2.12-1.28.1 is installed
  • OR apache2-doc-2.2.12-1.28.1 is installed
  • OR apache2-example-pages-2.2.12-1.28.1 is installed
  • OR apache2-prefork-2.2.12-1.28.1 is installed
  • OR apache2-utils-2.2.12-1.28.1 is installed
  • OR apache2-worker-2.2.12-1.28.1 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • MozillaFirefox-31.6.0esr-0.8.1 is installed
  • OR MozillaFirefox-translations-31.6.0esr-0.8.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • MozillaFirefox-31.6.0esr-0.8.1 is installed
  • OR MozillaFirefox-translations-31.6.0esr-0.8.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • NetworkManager-0.7.1_git20090811-3.28.2 is installed
  • OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • rsyslog-8.4.0-5.1 is installed
  • OR rsyslog-diag-tools-8.4.0-5.1 is installed
  • OR rsyslog-doc-8.4.0-5.1 is installed
  • OR rsyslog-module-gssapi-8.4.0-5.1 is installed
  • OR rsyslog-module-gtls-8.4.0-5.1 is installed
  • OR rsyslog-module-mysql-8.4.0-5.1 is installed
  • OR rsyslog-module-pgsql-8.4.0-5.1 is installed
  • OR rsyslog-module-relp-8.4.0-5.1 is installed
  • OR rsyslog-module-snmp-8.4.0-5.1 is installed
  • OR rsyslog-module-udpspoof-8.4.0-5.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libhivex0-1.3.10-4 is installed
  • OR perl-Win-Hivex-1.3.10-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • cpp48-4.8.5-30 is installed
  • OR gcc48-4.8.5-30 is installed
  • OR gcc48-32bit-4.8.5-30 is installed
  • OR gcc48-c++-4.8.5-30 is installed
  • OR gcc48-info-4.8.5-30 is installed
  • OR gcc48-locale-4.8.5-30 is installed
  • OR libasan0-4.8.5-30 is installed
  • OR libasan0-32bit-4.8.5-30 is installed
  • OR libstdc++48-devel-4.8.5-30 is installed
  • OR libstdc++48-devel-32bit-4.8.5-30 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND coolkey-1.1.0-148.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_55-52_42-default-2-2.2 is installed
  • OR kgraft-patch-3_12_55-52_42-xen-2-2.2 is installed
  • OR kgraft-patch-SLE12_Update_12-2-2.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND nginx-1.16.1-3.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND kdebase4-workspace-devel-4.3.5-0.12.18.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • xen-4.4.4_08-40.2 is installed
  • OR xen-devel-4.4.4_08-40.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • fuse-devel-2.9.3-3 is installed
  • OR fuse-devel-static-2.9.3-3 is installed
  • OR libulockmgr1-2.9.3-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND accountsservice-devel-0.6.35-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • FastCGI-2.4.0-167 is installed
  • OR perl-FastCGI-2.4.0-167 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • evolution-3.26.6-4.3 is installed
  • OR evolution-devel-3.26.6-4.3 is installed
  • OR evolution-lang-3.26.6-4.3 is installed
  • OR evolution-plugin-bogofilter-3.26.6-4.3 is installed
  • OR evolution-plugin-pst-import-3.26.6-4.3 is installed
  • OR evolution-plugin-spamassassin-3.26.6-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.40 is installed
  • OR kernel-default-extra-4.12.14-197.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • freerdp-2.1.2-15.7 is installed
  • OR freerdp-devel-2.1.2-15.7 is installed
  • OR libfreerdp2-2.1.2-15.7 is installed
  • OR libwinpr2-2.1.2-15.7 is installed
  • OR winpr2-devel-2.1.2-15.7 is installed
  • BACK