OVAL Reference oval:org.opensuse.security:def:4859

Oval Definition:

oval:org.opensuse.security:def:4859

Revision Date:	2020-12-02	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm (bsc#1158003 XSA-307). - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 (bsc#1158003 XSA-307). - CVE-2019-19583: Fixed improper checks which could have allowed HVM/PVH guest userspace code to crash the guest,leading to a guest denial of service (bsc#1158004 XSA-308). - CVE-2019-19578: Fixed an issue where a malicious or buggy PV guest could have caused hypervisor crash resulting in denial of service affecting the entire host (bsc#1158005 XSA-309). - CVE-2019-19580: Fixed a privilege escalation where a malicious PV guest administrator could have been able to escalate their privilege to that of the host (bsc#1158006 XSA-310). - CVE-2019-19577: Fixed an issue where a malicious guest administrator could have caused Xen to access data structures while they are being modified leading to a crash (bsc#1158007 XSA-311). - CVE-2019-19579: Fixed a privilege escaltion where an untrusted domain with access to a physical device can DMA into host memory (bsc#1157888 XSA-306). - Fixed an issue where PCI passthrough failed on AMD machine xen host (bsc#1157047).
Family:	unix	Class:	patch
Status:		Reference(s):	1027519 1097983 1100345 1100348 1105869 1142825 1142832 1142835 1152497 1157047 1157888 1158003 1158004 1158005 1158006 1158007 1170446 1171550 1173477 1173594 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1174230 1175596 1176086 1176181 1176384 1176671 1176756 1176899 1177472 1177977 1178428 1178512 CVE-2009-5044 CVE-2009-5080 CVE-2009-5081 CVE-2010-0405 CVE-2011-2721 CVE-2011-3627 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 CVE-2013-1984 CVE-2013-1990 CVE-2013-1995 CVE-2013-1998 CVE-2013-1999 CVE-2017-18922 CVE-2017-18922 CVE-2018-12458 CVE-2018-13300 CVE-2018-13305 CVE-2018-15822 CVE-2018-21247 CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19582 CVE-2019-19583 CVE-2019-20839 CVE-2019-20840 CVE-2020-13249 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-15180 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-15683 CVE-2020-15969 CVE-2020-24659 CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814 CVE-2020-28196 CVE-2020-8695 CVE-2020-8698 SUSE-SU-2018:3609-1 SUSE-SU-2019:2033-1 SUSE-SU-2019:3338-1 SUSE-SU-2020:1711-1 SUSE-SU-2020:1873-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2988-1 SUSE-SU-2020:3091-1 SUSE-SU-2020:3275-1 SUSE-SU-2020:3375-1 SUSE-SU-2020:3500-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libxslt-1.1.24-19.23.1 is installed OR libxslt-32bit-1.1.24-19.23.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND clamav-0.98.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR libnm-glib-vpn1-1.0.12-8 is installed OR libnm-glib4-1.0.12-8 is installed OR libnm-util2-1.0.12-8 is installed OR libnm0-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed OR typelib-1_0-NMClient-1_0-1.0.12-8 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information bind-utils-9.11.2-1 is installed OR libbind9-160-9.11.2-1 is installed OR libdns169-9.11.2-1 is installed OR libirs160-9.11.2-1 is installed OR libisc166-9.11.2-1 is installed OR libisc166-32bit-9.11.2-1 is installed OR libisccc160-9.11.2-1 is installed OR libisccfg160-9.11.2-1 is installed OR liblwres160-9.11.2-1 is installed OR python-bind-9.11.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 is installed AND Package Information ctdb-4.2.4-18.30.1 is installed OR samba-4.2.4-18.30.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpcreposix0-8.39-7.1 is installed OR pcre-8.39-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-69 is installed OR cluster-network-kmp-default-4.4.21-69 is installed OR dlm-kmp-default-4.4.21-69 is installed OR gfs2-kmp-default-4.4.21-69 is installed OR ocfs2-kmp-default-4.4.21-69 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND lighttpd-1.4.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND Package Information cluster-md-kmp-default-4.12.14-120 is installed OR dlm-kmp-default-4.12.14-120 is installed OR gfs2-kmp-default-4.12.14-120 is installed OR ocfs2-kmp-default-4.12.14-120 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information containerd-0.2.4+gitr565_0366d7e-9.1 is installed OR docker-1.12.3-81.2 is installed OR ruby2.1-rubygem-docker-api-1.31.0-11.2 is installed OR ruby2.1-rubygem-excon-0.52.0-9.1 is installed OR rubygem-docker-api-1.31.0-11.2 is installed OR rubygem-excon-0.52.0-9.1 is installed OR runc-0.1.1+gitr2816_02f8fa7-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information xen-4.12.1_06-3.9 is installed OR xen-devel-4.12.1_06-3.9 is installed OR xen-tools-4.12.1_06-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information libnewt0_52-0.52.10-1.35.7 is installed OR newt-0.52.10-1.35.7 is installed OR python-newt-0.52.10-1.35.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND libjasper-1.900.1-134.17.1 is installed OR libjasper-32bit-1.900.1-134.17.1 is installed OR libjasper-x86-1.900.1-134.17.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND libjasper-1.900.1-134.17.1 is installed OR libjasper-32bit-1.900.1-134.17.1 is installed OR libjasper-x86-1.900.1-134.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information cpio-2.11-29.1 is installed OR cpio-lang-2.11-29.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND powerpc-utils-1.2.26-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache2-2.4.23-14 is installed OR apache2-doc-2.4.23-14 is installed OR apache2-example-pages-2.4.23-14 is installed OR apache2-prefork-2.4.23-14 is installed OR apache2-utils-2.4.23-14 is installed OR apache2-worker-2.4.23-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2.2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_8-5-2.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libmysqlclient18-10.0.28-17 is installed OR mariadb-10.0.28-17 is installed OR mariadb-client-10.0.28-17 is installed OR mariadb-errormessages-10.0.28-17 is installed OR mariadb-tools-10.0.28-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information gnutls-3.6.7-6.34 is installed OR libgnutls-devel-3.6.7-6.34 is installed OR libgnutls30-3.6.7-6.34 is installed OR libgnutls30-32bit-3.6.7-6.34 is installed OR libgnutls30-hmac-3.6.7-6.34 is installed OR libgnutls30-hmac-32bit-3.6.7-6.34 is installed OR libgnutlsxx-devel-3.6.7-6.34 is installed OR libgnutlsxx28-3.6.7-6.34 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information pwlib-1.10.10-120.35.1 is installed OR pwlib-devel-1.10.10-120.35.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information kdebase4-workspace-4.3.5-0.12.20.1 is installed OR kdebase4-workspace-devel-4.3.5-0.12.20.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND libsoup-devel-2.44.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-9 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR ImageMagick-devel-6.8.8.1-33 is installed OR libMagick++-6_Q16-3-6.8.8.1-33 is installed OR libMagick++-devel-6.8.8.1-33 is installed OR perl-PerlMagick-6.8.8.1-33 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.12 is installed OR libavcodec-devel-3.4.2-4.12 is installed OR libavformat-devel-3.4.2-4.12 is installed OR libavformat57-3.4.2-4.12 is installed OR libavresample-devel-3.4.2-4.12 is installed OR libavresample3-3.4.2-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information LibVNCServer-0.9.10-4.19 is installed OR libvncclient0-0.9.10-4.19 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncclient0-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed

BACK