Oval Definition:oval:org.opensuse.security:def:4917
Revision Date:2020-12-02Version:1
Title:Security update for ovmf (Moderate)
Description:

This update for ovmf fixes the following issues:

Security issues fixed:

- CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation (bsc#1163959). - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences (bsc#1153072). - CVE-2019-14559: Fixed a remotely exploitable memory leak in the ARP handling code (bsc#1163927). - CVE-2019-14575: Fixed an insufficient signature check in the DxeImageVerificationHandler (bsc#1163969). - Enabled HTTPS-over-IPv6 (bsc#1153072).
Family:unixClass:patch
Status:Reference(s):1001215
1013708
1013712
1013893
1015171
1046540
1048942
1050319
1050536
1050540
1051510
1055117
1055120
1065600
1066674
1067126
1067906
1071995
1076830
1078248
1079524
1082635
1083647
1083710
1084760
1084831
1086283
1086288
1089644
1091041
1094825
1095805
1099125
1100132
1102247
1102881
1103308
1103543
1103990
1103991
1104353
1104427
1104731
1104745
1105025
1105536
1106105
1106110
1106237
1106240
1106838
1107685
1108043
1108241
1108377
1108468
1108828
1108841
1108870
1109151
1109158
1109217
1109330
1109739
1109784
1109806
1109818
1109837
1109907
1109911
1109915
1109919
1109951
1110006
1110096
1110538
1110561
1110921
1111028
1111076
1111506
1111666
1111806
1111819
1111830
1111834
1111841
1111870
1111901
1111904
1111928
1111983
1112170
1112173
1112178
1112208
1112219
1112221
1112246
1112372
1112374
1112514
1112554
1112708
1112710
1112711
1112712
1112713
1112731
1112732
1112733
1112734
1112735
1112736
1112738
1112739
1112740
1112741
1112743
1112745
1112746
1112894
1112899
1112902
1112903
1112905
1112906
1112907
1113257
1113284
1113722
1113956
1113994
1114279
1117169
1118661
1119113
1119222
1120498
1120499
1120500
1120515
1120516
1120517
1120519
1120853
1123080
1126390
1127034
1127315
1127354
1127371
1129770
1130972
1131107
1133021
1134097
1134390
1134399
1134983
1135335
1135642
1135855
1135966
1135967
1137223
1137236
1137458
1137534
1137535
1137584
1137609
1137827
1138039
1139358
1140133
1140322
1140652
1140903
1140945
1140948
1141401
1141402
1141452
1141453
1141454
1141478
1142023
1142095
1142112
1142220
1142221
1142254
1142350
1142351
1142354
1142359
1142450
1142635
1142701
1142868
1142924
1143003
1143045
1143105
1143185
1143189
1143191
1143507
1143706
1144333
1149448
1150466
1151067
1151548
1151900
1152782
1153072
1153628
1153811
1154043
1154058
1154124
1154355
1154526
1154601
1155021
1155689
1155692
1155836
1155897
1155921
1155982
1156187
1156258
1156429
1156466
1156471
1156494
1156609
1156700
1156729
1156882
1156928
1157032
1157038
1157042
1157044
1157045
1157046
1157049
1157070
1157115
1157143
1157145
1157158
1157160
1157162
1157171
1157173
1157178
1157180
1157182
1157183
1157184
1157191
1157193
1157197
1157298
1157304
1157307
1157324
1157333
1157386
1157424
1157463
1157499
1157678
1157698
1157778
1157908
1158049
1158063
1158064
1158065
1158066
1158067
1158068
1158071
1158082
1158381
1158394
1158398
1158407
1158410
1158413
1158417
1158427
1158445
1163927
1163959
1163969
1173455
1175664
1175665
1175671
999199
CVE-2007-6720
CVE-2009-0179
CVE-2009-0696
CVE-2009-3995
CVE-2009-3996
CVE-2009-4022
CVE-2010-2546
CVE-2010-2935
CVE-2010-2936
CVE-2010-3613
CVE-2010-3614
CVE-2010-3615
CVE-2011-0414
CVE-2011-1526
CVE-2011-1907
CVE-2011-1910
CVE-2011-2464
CVE-2011-4313
CVE-2011-4862
CVE-2012-0804
CVE-2012-1667
CVE-2012-3817
CVE-2012-3868
CVE-2012-4244
CVE-2012-4559
CVE-2012-4560
CVE-2012-4561
CVE-2012-5166
CVE-2012-5688
CVE-2012-5689
CVE-2013-0176
CVE-2013-2266
CVE-2013-4854
CVE-2014-0017
CVE-2014-0247
CVE-2014-0591
CVE-2014-3524
CVE-2014-3575
CVE-2016-7044
CVE-2016-7045
CVE-2016-7553
CVE-2016-9797
CVE-2016-9798
CVE-2016-9802
CVE-2016-9917
CVE-2017-16533
CVE-2017-18224
CVE-2018-18386
CVE-2018-18445
CVE-2018-20337
CVE-2018-20363
CVE-2018-20364
CVE-2018-20365
CVE-2018-20855
CVE-2018-5817
CVE-2018-5818
CVE-2018-5819
CVE-2019-0154
CVE-2019-1125
CVE-2019-11810
CVE-2019-12269
CVE-2019-13631
CVE-2019-13648
CVE-2019-14283
CVE-2019-14284
CVE-2019-14553
CVE-2019-14559
CVE-2019-14563
CVE-2019-14575
CVE-2019-14895
CVE-2019-14901
CVE-2019-15916
CVE-2019-16231
CVE-2019-17055
CVE-2019-18660
CVE-2019-18683
CVE-2019-18805
CVE-2019-18809
CVE-2019-19046
CVE-2019-19049
CVE-2019-19052
CVE-2019-19056
CVE-2019-19057
CVE-2019-19058
CVE-2019-19060
CVE-2019-19062
CVE-2019-19063
CVE-2019-19065
CVE-2019-19067
CVE-2019-19068
CVE-2019-19073
CVE-2019-19074
CVE-2019-19075
CVE-2019-19077
CVE-2019-19078
CVE-2019-19080
CVE-2019-19081
CVE-2019-19082
CVE-2019-19083
CVE-2019-19227
CVE-2019-19524
CVE-2019-19525
CVE-2019-19528
CVE-2019-19529
CVE-2019-19530
CVE-2019-19531
CVE-2019-19534
CVE-2019-19536
CVE-2019-19543
CVE-2020-15049
CVE-2020-15810
CVE-2020-15811
CVE-2020-24606
SUSE-SU-2016:2524-1
SUSE-SU-2018:3589-1
SUSE-SU-2019:0133-1
SUSE-SU-2019:1353-2
SUSE-SU-2019:1576-1
SUSE-SU-2020:0568-1
SUSE-SU-2020:2442-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP1
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 5
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.15.1 is installed
  • OR bind-libs-9.9.6P1-0.15.1 is installed
  • OR bind-libs-32bit-9.9.6P1-0.15.1 is installed
  • OR bind-utils-9.9.6P1-0.15.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • bind-libs-9.9.5P1-1 is installed
  • OR bind-libs-32bit-9.9.5P1-1 is installed
  • OR bind-utils-9.9.5P1-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • curl-7.37.0-15 is installed
  • OR libcurl4-7.37.0-15 is installed
  • OR libcurl4-32bit-7.37.0-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-33 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-33 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-33 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-33 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND clamav-0.99.2-32 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • coreutils-8.25-13.7 is installed
  • OR coreutils-lang-8.25-13.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND haproxy-1.5.4-2.4.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP1 is installed
  • AND hawk2-1.0.1+git.1456406635.49e230d-12.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND Package Information
  • ctdb-4.6.7+git.38.90b2cdb4f22-3.7.1 is installed
  • OR ldirectord-4.0.1+git.1495055229.643177f1-2.4.2 is installed
  • OR monitoring-plugins-metadata-4.0.1+git.1495055229.643177f1-2.4.2 is installed
  • OR resource-agents-4.0.1+git.1495055229.643177f1-2.4.2 is installed
  • OR samba-4.6.7+git.38.90b2cdb4f22-3.7.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND Package Information
  • libpacemaker3-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-cli-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-cts-1.1.19+20180928.0d2680780-1 is installed
  • OR pacemaker-remote-1.1.19+20180928.0d2680780-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-120 is installed
  • OR dlm-kmp-default-4.12.14-120 is installed
  • OR gfs2-kmp-default-4.12.14-120 is installed
  • OR ocfs2-kmp-default-4.12.14-120 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND Package Information
  • PackageKit-1.1.3-24.9 is installed
  • OR PackageKit-backend-zypp-1.1.3-24.9 is installed
  • OR PackageKit-lang-1.1.3-24.9 is installed
  • OR libpackagekit-glib2-18-1.1.3-24.9 is installed
  • OR typelib-1_0-PackageKitGlib-1_0-1.1.3-24.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_44-52_10-default-1-2.1 is installed
  • OR kgraft-patch-3_12_44-52_10-xen-1-2.1 is installed
  • OR kgraft-patch-SLE12_Update_6-1-2.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_73-5-default-2-2.3.2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_0-2-2.3.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
  • AND Package Information
  • puppet-3.8.5-15.3.3 is installed
  • OR puppet-server-3.8.5-15.3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND docker-1.8.3-49.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-66.3 is installed
  • OR libopenssl0_9_8-0.9.8j-66.3 is installed
  • OR libopenssl0_9_8-32bit-0.9.8j-66.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND Package Information
  • kernel-ec2-3.12.32-33.1 is installed
  • OR kernel-ec2-devel-3.12.32-33.1 is installed
  • OR kernel-ec2-extra-3.12.32-33.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • ovmf-2017+git1510945757.b2662641d5-5.29 is installed
  • OR ovmf-tools-2017+git1510945757.b2662641d5-5.29 is installed
  • OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.29 is installed
  • OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND squid-4.13-5.23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed
  • AND wget-1.14-21.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • qt3-3.3.8b-88.21 is installed
  • OR qt3-32bit-3.3.8b-88.21 is installed
  • OR qt3-x86-3.3.8b-88.21 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • libpng12-0-1.2.31-5.35.1 is installed
  • OR libpng12-0-32bit-1.2.31-5.35.1 is installed
  • OR libpng12-0-x86-1.2.31-5.35.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • libpng12-0-1.2.31-5.35.1 is installed
  • OR libpng12-0-32bit-1.2.31-5.35.1 is installed
  • OR libpng12-0-x86-1.2.31-5.35.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • NetworkManager-0.7.1_git20090811-3.28.2 is installed
  • OR NetworkManager-glib-0.7.1_git20090811-3.28.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • flac-1.3.0-6.1 is installed
  • OR libFLAC++6-1.3.0-6.1 is installed
  • OR libFLAC8-1.3.0-6.1 is installed
  • OR libFLAC8-32bit-1.3.0-6.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND yast2-core-3.1.18-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-28 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR alsa-docs-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_60-52_54-default-3-2.1 is installed
  • OR kgraft-patch-3_12_60-52_54-xen-3-2.1 is installed
  • OR kgraft-patch-SLE12_Update_15-3-2.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • libarchive-3.1.2-25 is installed
  • OR libarchive13-3.1.2-25 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • xorg-x11-libXext-devel-7.4-1.18.2 is installed
  • OR xorg-x11-libXext-devel-32bit-7.4-1.18.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • libopenssl-devel-0.9.8j-0.80.1 is installed
  • OR openssl-0.9.8j-0.80.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND apache2-devel-2.4.16-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-33 is installed
  • OR ImageMagick-devel-6.8.8.1-33 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-33 is installed
  • OR libMagick++-devel-6.8.8.1-33 is installed
  • OR perl-PerlMagick-6.8.8.1-33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND apache2-devel-2.4.23-28 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • finch-2.10.9-8.1 is installed
  • OR libpurple-2.10.9-8.1 is installed
  • OR libpurple-lang-2.10.9-8.1 is installed
  • OR libpurple-meanwhile-2.10.9-8.1 is installed
  • OR libpurple-tcl-2.10.9-8.1 is installed
  • OR pidgin-2.10.9-8.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.25 is installed
  • OR kernel-default-extra-4.12.14-25.25 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • bluez-5.48-5.16 is installed
  • OR bluez-cups-5.48-5.16 is installed
  • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • irssi-0.8.20-9 is installed
  • OR irssi-devel-0.8.20-9 is installed
  • BACK