Oval Definition:	oval:org.opensuse.security:def:50471
Revision Date: 2020-12-01 Version: 1 Title: Security update for libseccomp (Moderate) Description: This update for libseccomp fixes the following issues: Security issues fixed: - CVE-2019-9893: An incorrect generation of syscall filters in libseccomp was fixed (bsc#1128828) libseccomp was updated to new upstream release 2.4.1: - Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. libseccomp was updated to 2.4.0 (bsc#1128828 CVE-2019-9893): - Update the syscall table for Linux v5.0-rc5 - Added support for the SCMP_ACT_KILL_PROCESS action - Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute - Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension - Added support for the parisc and parisc64 architectures - Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) - Return -EDOM on an endian mismatch when adding an architecture to a filter - Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() - Fix PFC generation when a syscall is prioritized, but no rule exists - Numerous fixes to the seccomp-bpf filter generation code - Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 - Numerous tests added to the included test suite, coverage now at ~92% - Update our Travis CI configuration to use Ubuntu 16.04 - Numerous documentation fixes and updates libseccomp was updated to release 2.3.3: - Updated the syscall table for Linux v4.15-rc7 Family: unix Class: patch Status: Reference(s): 1081947 1082293 1082318 1083689 1085196 1092187 1099465 1100352 1103320 1105606 1106214 1106279 1108674 1109609 1117025 1120189 1121197 1121563 1122000 1122417 1123333 1123727 1123892 1124153 1125352 1125886 1128106 1128828 1129715 1131233 1131237 1131239 1131241 1131245 1132091 1132385 1133031 1133191 1134883 1135210 1135280 1135534 1135708 1135902 1136446 1136540 1136778 1136935 1137526 1137597 1137792 1138534 1138614 1140402 1142614 1143794 1144087 1144797 1154036 1154037 1154064 1165548 1168554 1169679 1169748 1171252 1171254 1171441 1171443 1171444 1171445 1171446 1171447 1171474 1172177 1172182 1172184 1172186 1172405 1173247 1173351 1173605 1174200 353876 991201 CVE-2016-5416 CVE-2018-1000656 CVE-2018-1054 CVE-2018-10871 CVE-2018-1089 CVE-2018-10935 CVE-2018-13301 CVE-2018-14638 CVE-2018-14648 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-11023 CVE-2019-11085 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-11707 CVE-2019-12155 CVE-2019-12730 CVE-2019-13164 CVE-2019-14378 CVE-2019-16770 CVE-2019-17542 CVE-2019-17594 CVE-2019-17595 CVE-2019-3846 CVE-2019-3883 CVE-2019-5008 CVE-2019-5418 CVE-2019-5419 CVE-2019-5420 CVE-2019-6454 CVE-2019-9718 CVE-2019-9893 CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043 CVE-2020-11076 CVE-2020-11077 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-12653 CVE-2020-12654 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-15169 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-5247 CVE-2020-5249 CVE-2020-5267 CVE-2020-8022 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167 CVE-2020-8184 CVE-2020-8185 SUSE-SU-2019:0426-1 SUSE-SU-2019:0657-1 SUSE-SU-2019:0873-1 SUSE-SU-2019:1267-2 SUSE-SU-2019:1629-1 SUSE-SU-2019:2155-1 SUSE-SU-2019:2192-1 SUSE-SU-2019:2392-1 SUSE-SU-2019:2517-1 SUSE-SU-2019:2997-1 SUSE-SU-2019:3184-1 SUSE-SU-2020:3036-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.491-0.11 is installed OR flash-player-gnome-11.2.202.491-0.11 is installed OR flash-player-kde4-11.2.202.491-0.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information grub2-2.00-0.54 is installed OR grub2-x86_64-efi-2.00-0.54 is installed OR grub2-x86_64-xen-2.00-0.54 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libltdl7-2.4.2-14 is installed OR libltdl7-32bit-2.4.2-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-1.7.5-9 is installed OR cups-client-1.7.5-9 is installed OR cups-libs-1.7.5-9 is installed OR cups-libs-32bit-1.7.5-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND kdump-0.8.16-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libseccomp-2.4.1-3.3 is installed OR libseccomp-devel-2.4.1-3.3 is installed OR libseccomp2-2.4.1-3.3 is installed OR libseccomp2-32bit-2.4.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libncurses5-6.1-5.6 is installed OR libncurses5-32bit-6.1-5.6 is installed OR ncurses-6.1-5.6 is installed OR ncurses5-devel-6.1-5.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_6-default-9-2 is installed OR kernel-livepatch-SLE15_Update_2-9-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_29-default-4-2 is installed OR kernel-livepatch-SLE15-SP1_Update_8-4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information python-Flask-0.12.4-3.3 is installed OR python2-Flask-0.12.4-3.3 is installed OR python2-Flask-doc-0.12.4-3.3 is installed OR python3-Flask-doc-0.12.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information graphviz-addons-2.40.1-6.3 is installed OR graphviz-doc-2.40.1-6.3 is installed OR graphviz-gnome-2.40.1-6.3 is installed OR graphviz-guile-2.40.1-6.3 is installed OR graphviz-gvedit-2.40.1-6.3 is installed OR graphviz-java-2.40.1-6.3 is installed OR graphviz-lua-2.40.1-6.3 is installed OR graphviz-php-2.40.1-6.3 is installed OR graphviz-ruby-2.40.1-6.3 is installed OR graphviz-smyrna-2.40.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information freerdp-2.1.2-15.7 is installed OR freerdp-server-2.1.2-15.7 is installed OR freerdp-wayland-2.1.2-15.7 is installed OR libuwac0-0-2.1.2-15.7 is installed OR uwac0-0-devel-2.1.2-15.7 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed AND Package Information rmt-server-2.6.5-3.3 is installed OR rmt-server-pubcloud-2.6.5-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information apache2-2.4.33-3.15 is installed OR apache2-devel-2.4.33-3.15 is installed OR apache2-doc-2.4.33-3.15 is installed OR apache2-prefork-2.4.33-3.15 is installed OR apache2-utils-2.4.33-3.15 is installed OR apache2-worker-2.4.33-3.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information 389-ds-1.4.0.26~git0.8a2d3de6f-4.14 is installed OR 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.35-4.35 is installed OR tomcat-admin-webapps-9.0.35-4.35 is installed OR tomcat-el-3_0-api-9.0.35-4.35 is installed OR tomcat-jsp-2_3-api-9.0.35-4.35 is installed OR tomcat-lib-9.0.35-4.35 is installed OR tomcat-servlet-4_0-api-9.0.35-4.35 is installed OR tomcat-webapps-9.0.35-4.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND perl-LWP-Protocol-https-6.04-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_40-default-3-2 is installed OR kgraft-patch-3_12_74-60_64_40-xen-3-2 is installed OR kgraft-patch-SLE12-SP1_Update_15-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXp6-1.0.2-3 is installed OR libXp6-32bit-1.0.2-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND log4j-1.2.15-126.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.10-3.38 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-3.38 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.10-3.38 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-3.38 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libldap-2_4-2-2.4.46-9.28 is installed OR libldap-2_4-2-32bit-2.4.46-9.28 is installed OR libldap-data-2.4.46-9.28 is installed OR openldap2-2.4.46-9.28 is installed OR openldap2-back-meta-2.4.46-9.28 is installed OR openldap2-back-perl-2.4.46-9.28 is installed OR openldap2-client-2.4.46-9.28 is installed OR openldap2-devel-2.4.46-9.28 is installed OR openldap2-devel-32bit-2.4.46-9.28 is installed OR openldap2-devel-static-2.4.46-9.28 is installed OR openldap2-ppolicy-check-password-1.2-9.28 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information bluez-5.48-5.16 is installed OR bluez-cups-5.48-5.16 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information evolution-3.26.6-4.3 is installed OR evolution-devel-3.26.6-4.3 is installed OR evolution-lang-3.26.6-4.3 is installed OR evolution-plugin-bogofilter-3.26.6-4.3 is installed OR evolution-plugin-pst-import-3.26.6-4.3 is installed OR evolution-plugin-spamassassin-3.26.6-4.3 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libEMF-1.0.7-3.3 is installed OR libEMF1-1.0.7-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-dashboard-8.0.2~a0~dev7-2 is installed OR python-horizon-8.0.2~a0~dev7-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.14.3-11.15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND ansible-2.4.6.0-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed OR rubygem-sprockets-2_12-2.12.5-1.4 is installed
BACK