Oval Definition:	oval:org.opensuse.security:def:4885
Revision Date: 2020-12-02 Version: 1 Title: Security update for grub2 (Important) Description: This update for grub2 fixes the following issues: - CVE-2020-10713 (bsc#1168994) - CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) - CVE-2020-15706 (bsc#1174463) - CVE-2020-15707 (bsc#1174570) - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur Family: unix Class: patch Status: Reference(s): 1015173 1046303 1046305 1046306 1046307 1046540 1046542 1046543 1048129 1050242 1050252 1050529 1050536 1050538 1050545 1050549 1050662 1051510 1052766 1055117 1055968 1056427 1056643 1056651 1056653 1056657 1056658 1056662 1056686 1056787 1058115 1058513 1058659 1058717 1060463 1061024 1061840 1062897 1064802 1065600 1066110 1066129 1068032 1068054 1071218 1071995 1072829 1072856 1073513 1073765 1073960 1074562 1074578 1074701 1074741 1074873 1074919 1075006 1075007 1075262 1075419 1075748 1075876 1076049 1076115 1076372 1076830 1077338 1078248 1078353 1079152 1079747 1080039 1080542 1081599 1081917 1082485 1082504 1082869 1082962 1083647 1083710 1083900 1084001 1084570 1085308 1085539 1085626 1085933 1085936 1085937 1085938 1085939 1085941 1086282 1086283 1086286 1086288 1086315 1086317 1086319 1086323 1086327 1086331 1086400 1086652 1086739 1086906 1087078 1087082 1087084 1087092 1087205 1087210 1087213 1087214 1087284 1087405 1087458 1087939 1087978 1088354 1088690 1088704 1088722 1088796 1088804 1088821 1088866 1089115 1089268 1089467 1089608 1089663 1089664 1089667 1089669 1089752 1089753 1089878 1090150 1090457 1090605 1090643 1090646 1090658 1090734 1090888 1090953 1091158 1091171 1091424 1091594 1091666 1091678 1091686 1091781 1091782 1091815 1091860 1091960 1092100 1092472 1092710 1092772 1092888 1092904 1092975 1093023 1093027 1093035 1093118 1093148 1093158 1093184 1093205 1093273 1093290 1093604 1093641 1093649 1093653 1093655 1093657 1093663 1093721 1093728 1093733 1093904 1093990 1094244 1094301 1094356 1094420 1094541 1094575 1094751 1094825 1094840 1094912 1094978 1095042 1095094 1095115 1095155 1095265 1095321 1095337 1095467 1095573 1095735 1095893 1096065 1096480 1096529 1096696 1096705 1096728 1096753 1096790 1096793 1097034 1097104 1097105 1097234 1097356 1097373 1097439 1097465 1097468 1097470 1097471 1097472 1097551 1097577 1097583 1097584 1097585 1097586 1097587 1097588 1097780 1097796 1097800 1097808 1097941 1097961 1098016 1098043 1098050 1098174 1098176 1098236 1098401 1098425 1098435 1098599 1098626 1098706 1098983 1098995 1099029 1099041 1099109 1099142 1099183 1099715 1099792 1099918 1099924 1099966 1100132 1100209 1100340 1100362 1100382 1100394 1100416 1100418 1100491 1100602 1100633 1100843 1101296 1101315 1101324 1101480 1101669 1101776 1101777 1101786 1101788 1101791 1101794 1101800 1101802 1101804 1101810 1101822 1102247 1102517 1102715 1103269 1103277 1103363 1103445 1103886 1104353 1104365 1104427 1104482 1104494 1104495 1104683 1104708 1104777 1104890 1104897 1105292 1105296 1105322 1105355 1105378 1105396 1105467 1105731 1106514 1111647 1117740 1119222 1121231 1121232 1121233 1121234 1121235 1123080 1127034 1127315 1127367 1127369 1127370 1129770 1130103 1130972 1131941 1131945 1133021 1134097 1134390 1134399 1135335 1135642 1136021 1137458 1137534 1137535 1137584 1137609 1137827 1139358 1140133 1140322 1140652 1140903 1140945 1141401 1141402 1141452 1141453 1141454 1141478 1141980 1142023 1142112 1142220 1142221 1142254 1142350 1142351 1142354 1142359 1142450 1142701 1142868 1143003 1143045 1143105 1143185 1143189 1143191 1143507 1150690 1156288 1158505 1159670 1161052 1165241 1165710 1166238 1168994 1173812 1174463 1174570 1175686 1175987 1176024 1176294 1176397 1177867 1178083 1178319 1178361 1178362 1178485 802154 957624 971975 975772 CVE-2011-2709 CVE-2012-1571 CVE-2012-2391 CVE-2013-1912 CVE-2013-1987 CVE-2013-2175 CVE-2014-5461 CVE-2014-6269 CVE-2016-9918 CVE-2017-5715 CVE-2017-5753 CVE-2018-1000200 CVE-2018-1000204 CVE-2018-10087 CVE-2018-10124 CVE-2018-10853 CVE-2018-10902 CVE-2018-1092 CVE-2018-1093 CVE-2018-1094 CVE-2018-1118 CVE-2018-1120 CVE-2018-1130 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 CVE-2018-12086 CVE-2018-12233 CVE-2018-13053 CVE-2018-13405 CVE-2018-13406 CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369 CVE-2018-14370 CVE-2018-15572 CVE-2018-16056 CVE-2018-16057 CVE-2018-16058 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628 CVE-2018-20855 CVE-2018-3639 CVE-2018-5803 CVE-2018-5848 CVE-2018-7492 CVE-2018-8781 CVE-2018-9363 CVE-2018-9385 CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10897 CVE-2019-10898 CVE-2019-10899 CVE-2019-10900 CVE-2019-10901 CVE-2019-10902 CVE-2019-10903 CVE-2019-1125 CVE-2019-11810 CVE-2019-13619 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-16319 CVE-2019-17498 CVE-2019-19553 CVE-2019-20503 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 CVE-2019-5721 CVE-2019-9208 CVE-2019-9209 CVE-2019-9214 CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15663 CVE-2020-15664 CVE-2020-15669 CVE-2020-15706 CVE-2020-15707 CVE-2020-16846 CVE-2020-17490 CVE-2020-25592 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-7044 CVE-2020-9428 CVE-2020-9429 CVE-2020-9430 CVE-2020-9431 SUSE-SU-2018:2092-1 SUSE-SU-2018:2539-1 SUSE-SU-2019:0841-1 SUSE-SU-2020:0693-1 SUSE-SU-2020:0721-1 SUSE-SU-2020:2077-1 SUSE-SU-2020:2552-1 SUSE-SU-2020:3243-1 SUSE-SU-2020:3551-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xen-4.1.5_02-0.5.1 is installed OR xen-doc-html-4.1.5_02-0.5.1 is installed OR xen-doc-pdf-4.1.5_02-0.5.1 is installed OR xen-kmp-default-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-kmp-pae-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-kmp-trace-4.1.5_02_3.0.74_0.6.10-0.5.1 is installed OR xen-libs-4.1.5_02-0.5.1 is installed OR xen-libs-32bit-4.1.5_02-0.5.1 is installed OR xen-tools-4.1.5_02-0.5.1 is installed OR xen-tools-domU-4.1.5_02-0.5.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information file-5.19-2 is installed OR file-magic-5.19-2 is installed OR libmagic1-5.19-2 is installed OR libmagic1-32bit-5.19-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND binutils-2.25.0-13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND autofs-5.0.9-21 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND argyllcms-1.6.3-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information ctdb-4.2.4-28.3.1 is installed OR samba-4.2.4-28.3.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND ctdb-4.4.2-29 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND haproxy-1.6.11-10 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND Package Information corosync-2.3.6-9.13 is installed OR libcorosync4-2.3.6-9.13 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_36-38-default-3-2.1 is installed OR kgraft-patch-3_12_36-38-xen-3-2.1 is installed OR kgraft-patch-SLE12_Update_2-3-2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND portus-2.0.3-2.4 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-97.1 is installed OR libopenssl0_9_8-0.9.8j-97.1 is installed OR libopenssl0_9_8-32bit-0.9.8j-97.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information grub2-2.02-26.25 is installed OR grub2-x86_64-xen-2.02-26.25 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information git-2.12.3-27.22 is installed OR git-core-2.12.3-27.22 is installed OR git-doc-2.12.3-27.22 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND man-2.5.2-17.16 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND acpid-1.0.6-91.25.20 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information kernel-bigsmp-3.0.101-0.47.90.1 is installed OR kernel-bigsmp-base-3.0.101-0.47.90.1 is installed OR kernel-bigsmp-devel-3.0.101-0.47.90.1 is installed OR kernel-default-3.0.101-0.47.90.1 is installed OR kernel-default-base-3.0.101-0.47.90.1 is installed OR kernel-default-devel-3.0.101-0.47.90.1 is installed OR kernel-default-man-3.0.101-0.47.90.1 is installed OR kernel-ec2-3.0.101-0.47.90.1 is installed OR kernel-ec2-base-3.0.101-0.47.90.1 is installed OR kernel-ec2-devel-3.0.101-0.47.90.1 is installed OR kernel-pae-3.0.101-0.47.90.1 is installed OR kernel-pae-base-3.0.101-0.47.90.1 is installed OR kernel-pae-devel-3.0.101-0.47.90.1 is installed OR kernel-source-3.0.101-0.47.90.1 is installed OR kernel-syms-3.0.101-0.47.90.1 is installed OR kernel-trace-3.0.101-0.47.90.1 is installed OR kernel-trace-base-3.0.101-0.47.90.1 is installed OR kernel-trace-devel-3.0.101-0.47.90.1 is installed OR kernel-xen-3.0.101-0.47.90.1 is installed OR kernel-xen-base-3.0.101-0.47.90.1 is installed OR kernel-xen-devel-3.0.101-0.47.90.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information ntp-4.2.6p5-31.1 is installed OR ntp-doc-4.2.6p5-31.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information squidGuard-1.4-23 is installed OR squidGuard-doc-1.4-23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_jk-1.2.40-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2.2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_8-5-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information libpcre1-8.39-5 is installed OR libpcre16-0-8.39-5 is installed OR pcre-8.39-5 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libssh2-1-1.9.0-4.13 is installed OR libssh2-1-32bit-1.9.0-4.13 is installed OR libssh2-devel-1.9.0-4.13 is installed OR libssh2_org-1.9.0-4.13 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND rubygem-rack-1_4-1.4.5-0.7.3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libssh2-1-1.2.9-4.2.6.1 is installed OR libssh2-1-32bit-1.2.9-4.2.6.1 is installed OR libssh2-1-x86-1.2.9-4.2.6.1 is installed OR libssh2-devel-1.2.9-4.2.6.1 is installed OR libssh2_org-1.2.9-4.2.6.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND php5-devel-5.5.14-4 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND augeas-devel-1.2.0-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information FastCGI-2.4.0-167 is installed OR perl-FastCGI-2.4.0-167 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.3 is installed OR kernel-default-extra-4.12.14-25.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.6.0-3.74 is installed OR MozillaThunderbird-translations-common-68.6.0-3.74 is installed OR MozillaThunderbird-translations-other-68.6.0-3.74 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-68.12.0-3.94 is installed OR MozillaThunderbird-translations-common-68.12.0-3.94 is installed OR MozillaThunderbird-translations-other-68.12.0-3.94 is installed
BACK