Oval Definition:oval:org.opensuse.security:def:50721
Revision Date:2020-12-01Version:1
Title:Security update for spectre-meltdown-checker (Moderate)
Description:

This update for spectre-meltdown-checker fixes the following issues:

- feat: implement TAA detection (CVE-2019-11135 bsc#1139073) - feat: implement MCEPSC / iTLB Multihit detection (CVE-2018-12207 bsc#1117665) - feat: taa: add TSX_CTRL MSR detection in hardware info - feat: fwdb: use both Intel GitHub repo and MCEdb to build our firmware version database - feat: use --live with --kernel/--config/--map to override file detection in live mode - enh: rework the vuln logic of MDS with --paranoid (fixes #307) - enh: explain that Enhanced IBRS is better for performance than classic IBRS - enh: kernel: autodetect customized arch kernels from cmdline - enh: kernel decompression: better tolerance against missing tools - enh: mock: implement reading from /proc/cmdline - fix: variant3a: Silvermont CPUs are not vulnerable to variant 3a - fix: lockdown: detect Red Hat locked down kernels (impacts MSR writes) - fix: lockdown: detect locked down mode in vanilla 5.4+ kernels - fix: sgx: on locked down kernels, fallback to CPUID bit for detection - fix: fwdb: builtin version takes precedence if the local cached version is older - fix: pteinv: don't check kernel image if not available - fix: silence useless error from grep (fixes #322) - fix: msr: fix msr module detection under Ubuntu 19.10 (fixes #316) - fix: mocking value for read_msr - chore: rename mcedb cmdline parameters to fwdb, and change db version scheme - chore: fwdb: update to v130.20191104+i20191027 - chore: add GitHub check workflow
Family:unixClass:patch
Status:Reference(s):1055186
1065600
1065729
1094244
1096180
1100369
1107832
1109160
1110233
1112178
1113956
1117665
1118367
1118368
1128220
1133035
1139073
1153108
1154366
1156205
1156317
1157051
1157652
1157770
1158328
1160903
1160905
1161168
1164692
1164825
1164860
1167527
1168468
1168994
1169972
1170667
1170713
1171313
1171437
1171675
1171688
1171740
1171742
1171883
1172307
1172958
1173115
1173159
1173160
1173161
1173307
1173311
1173359
1173983
1174415
1174538
1174899
1175228
1175443
1175626
1175656
1175749
1175882
1176011
1176022
1176038
1176092
1176235
1176242
1176278
1176316
1176317
1176318
1176319
1176320
1176321
1176381
1176395
1176410
1176423
1176482
1176507
1176536
1176544
1176545
1176546
1176548
1176659
1176674
1176698
1176699
1176700
1176721
1176722
1176725
1176732
1176788
1176789
1176869
1176877
1176935
1176950
1176962
1176966
1176990
1177027
1177030
1177041
1177042
1177043
1177044
1177121
1177206
1177258
1177291
1177293
1177294
1177295
1177296
906079
CVE-2017-3136
CVE-2018-11439
CVE-2018-12207
CVE-2018-14633
CVE-2018-17182
CVE-2018-5741
CVE-2019-10220
CVE-2019-11135
CVE-2019-11745
CVE-2019-13722
CVE-2019-15239
CVE-2019-17005
CVE-2019-17008
CVE-2019-17009
CVE-2019-17010
CVE-2019-17011
CVE-2019-17012
CVE-2019-17569
CVE-2019-18902
CVE-2019-3902
CVE-2019-6477
CVE-2020-0404
CVE-2020-0427
CVE-2020-0431
CVE-2020-0432
CVE-2020-10713
CVE-2020-10730
CVE-2020-10745
CVE-2020-10760
CVE-2020-14303
CVE-2020-14381
CVE-2020-14390
CVE-2020-15652
CVE-2020-15653
CVE-2020-15654
CVE-2020-15655
CVE-2020-15656
CVE-2020-15657
CVE-2020-15658
CVE-2020-15659
CVE-2020-15900
CVE-2020-15900
CVE-2020-1935
CVE-2020-1938
CVE-2020-25212
CVE-2020-25284
CVE-2020-25641
CVE-2020-25643
CVE-2020-26088
CVE-2020-6463
CVE-2020-6514
CVE-2020-7216
CVE-2020-8616
CVE-2020-8617
CVE-2020-8618
CVE-2020-8619
CVE-2020-8620
CVE-2020-8621
CVE-2020-8622
CVE-2020-8623
CVE-2020-8624
SUSE-SU-2019:3337-1
SUSE-SU-2019:3348-1
SUSE-SU-2020:0263-1
SUSE-SU-2020:0631-1
SUSE-SU-2020:1860-1
SUSE-SU-2020:1913-1
SUSE-SU-2020:2095-1
SUSE-SU-2020:2914-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • acroread-9.5.5-0.5.5 is installed
  • OR acroread-cmaps-9.4.6-0.4.5 is installed
  • OR acroread-fonts-ja-9.4.6-0.4.5 is installed
  • OR acroread-fonts-ko-9.4.6-0.4.5 is installed
  • OR acroread-fonts-zh_CN-9.4.6-0.4.5 is installed
  • OR acroread-fonts-zh_TW-9.4.6-0.4.5 is installed
  • OR acroread_ja-9.4.2-0.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • krb5-1.6.3-133.49.106 is installed
  • OR krb5-32bit-1.6.3-133.49.106 is installed
  • OR krb5-client-1.6.3-133.49.106 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND libmodplug1-0.8.8.4-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-9 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • at-3.1.14-7 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
  • OR libkde4-4.12.0-7 is installed
  • OR libkde4-32bit-4.12.0-7 is installed
  • OR libkdecore4-4.12.0-7 is installed
  • OR libkdecore4-32bit-4.12.0-7 is installed
  • OR libksuseinstall1-4.12.0-7 is installed
  • OR libksuseinstall1-32bit-4.12.0-7 is installed
  • OR libnetpbm11-10.66.3-4 is installed
  • OR libnetpbm11-32bit-10.66.3-4 is installed
  • OR netpbm-10.66.3-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • gstreamer-plugins-base-1.8.3-12 is installed
  • OR gstreamer-plugins-base-lang-1.8.3-12 is installed
  • OR libgstallocators-1_0-0-1.8.3-12 is installed
  • OR libgstapp-1_0-0-1.8.3-12 is installed
  • OR libgstapp-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstaudio-1_0-0-1.8.3-12 is installed
  • OR libgstaudio-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstfft-1_0-0-1.8.3-12 is installed
  • OR libgstfft-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstpbutils-1_0-0-1.8.3-12 is installed
  • OR libgstpbutils-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstriff-1_0-0-1.8.3-12 is installed
  • OR libgstrtp-1_0-0-1.8.3-12 is installed
  • OR libgstrtsp-1_0-0-1.8.3-12 is installed
  • OR libgstsdp-1_0-0-1.8.3-12 is installed
  • OR libgsttag-1_0-0-1.8.3-12 is installed
  • OR libgsttag-1_0-0-32bit-1.8.3-12 is installed
  • OR libgstvideo-1_0-0-1.8.3-12 is installed
  • OR libgstvideo-1_0-0-32bit-1.8.3-12 is installed
  • OR typelib-1_0-GstAudio-1_0-1.8.3-12 is installed
  • OR typelib-1_0-GstPbutils-1_0-1.8.3-12 is installed
  • OR typelib-1_0-GstTag-1_0-1.8.3-12 is installed
  • OR typelib-1_0-GstVideo-1_0-1.8.3-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-5 is installed
  • OR cups-pk-helper-lang-0.2.5-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND taglib-1.11.1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND spectre-meltdown-checker-0.43-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_16-default-3-2 is installed
  • OR kernel-livepatch-SLE15_Update_4-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_15-default-4-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_4-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-68.3.0-3.62 is installed
  • OR MozillaFirefox-branding-upstream-68.3.0-3.62 is installed
  • OR MozillaFirefox-buildsymbols-68.3.0-3.62 is installed
  • OR MozillaFirefox-devel-68.3.0-3.62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • MozillaFirefox-78.1.0-3.100 is installed
  • OR MozillaFirefox-branding-upstream-78.1.0-3.100 is installed
  • OR MozillaFirefox-buildsymbols-78.1.0-3.100 is installed
  • OR MozillaFirefox-devel-78.1.0-3.100 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • libsamba-policy0-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-ad-dc-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-dsdb-modules-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-libs-python-4.9.5+git.343.4bc358522a9-3.38 is installed
  • OR samba-python-4.9.5+git.343.4bc358522a9-3.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • bind-9.16.6-12.32 is installed
  • OR bind-chrootenv-9.16.6-12.32 is installed
  • OR bind-doc-9.16.6-12.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • fetchmail-6.3.26-5 is installed
  • OR fetchmailconf-6.3.26-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • ctdb-4.2.4-28.24 is installed
  • OR libdcerpc-binding0-4.2.4-28.24 is installed
  • OR libdcerpc-binding0-32bit-4.2.4-28.24 is installed
  • OR libdcerpc0-4.2.4-28.24 is installed
  • OR libdcerpc0-32bit-4.2.4-28.24 is installed
  • OR libgensec0-4.2.4-28.24 is installed
  • OR libgensec0-32bit-4.2.4-28.24 is installed
  • OR libndr-krb5pac0-4.2.4-28.24 is installed
  • OR libndr-krb5pac0-32bit-4.2.4-28.24 is installed
  • OR libndr-nbt0-4.2.4-28.24 is installed
  • OR libndr-nbt0-32bit-4.2.4-28.24 is installed
  • OR libndr-standard0-4.2.4-28.24 is installed
  • OR libndr-standard0-32bit-4.2.4-28.24 is installed
  • OR libndr0-4.2.4-28.24 is installed
  • OR libndr0-32bit-4.2.4-28.24 is installed
  • OR libnetapi0-4.2.4-28.24 is installed
  • OR libnetapi0-32bit-4.2.4-28.24 is installed
  • OR libregistry0-4.2.4-28.24 is installed
  • OR libsamba-credentials0-4.2.4-28.24 is installed
  • OR libsamba-credentials0-32bit-4.2.4-28.24 is installed
  • OR libsamba-hostconfig0-4.2.4-28.24 is installed
  • OR libsamba-hostconfig0-32bit-4.2.4-28.24 is installed
  • OR libsamba-passdb0-4.2.4-28.24 is installed
  • OR libsamba-passdb0-32bit-4.2.4-28.24 is installed
  • OR libsamba-util0-4.2.4-28.24 is installed
  • OR libsamba-util0-32bit-4.2.4-28.24 is installed
  • OR libsamdb0-4.2.4-28.24 is installed
  • OR libsamdb0-32bit-4.2.4-28.24 is installed
  • OR libsmbclient-raw0-4.2.4-28.24 is installed
  • OR libsmbclient-raw0-32bit-4.2.4-28.24 is installed
  • OR libsmbclient0-4.2.4-28.24 is installed
  • OR libsmbclient0-32bit-4.2.4-28.24 is installed
  • OR libsmbconf0-4.2.4-28.24 is installed
  • OR libsmbconf0-32bit-4.2.4-28.24 is installed
  • OR libsmbldap0-4.2.4-28.24 is installed
  • OR libsmbldap0-32bit-4.2.4-28.24 is installed
  • OR libtevent-util0-4.2.4-28.24 is installed
  • OR libtevent-util0-32bit-4.2.4-28.24 is installed
  • OR libwbclient0-4.2.4-28.24 is installed
  • OR libwbclient0-32bit-4.2.4-28.24 is installed
  • OR samba-4.2.4-28.24 is installed
  • OR samba-32bit-4.2.4-28.24 is installed
  • OR samba-client-4.2.4-28.24 is installed
  • OR samba-client-32bit-4.2.4-28.24 is installed
  • OR samba-doc-4.2.4-28.24 is installed
  • OR samba-libs-4.2.4-28.24 is installed
  • OR samba-libs-32bit-4.2.4-28.24 is installed
  • OR samba-winbind-4.2.4-28.24 is installed
  • OR samba-winbind-32bit-4.2.4-28.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache2-2.4.23-14 is installed
  • OR apache2-doc-2.4.23-14 is installed
  • OR apache2-example-pages-2.4.23-14 is installed
  • OR apache2-prefork-2.4.23-14 is installed
  • OR apache2-utils-2.4.23-14 is installed
  • OR apache2-worker-2.4.23-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180703-13.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • eog-3.20.4-7 is installed
  • OR eog-lang-3.20.4-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • openslp-2.0.0-18.17 is installed
  • OR openslp-32bit-2.0.0-18.17 is installed
  • OR openslp-server-2.0.0-18.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libass5-0.10.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • ghostscript-9.52-3.32 is installed
  • OR ghostscript-devel-9.52-3.32 is installed
  • OR ghostscript-x11-9.52-3.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • nodejs8-8.17.0-3.28 is installed
  • OR nodejs8-devel-8.17.0-3.28 is installed
  • OR nodejs8-docs-8.17.0-3.28 is installed
  • OR npm8-8.17.0-3.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.38 is installed
  • OR kernel-default-extra-4.12.14-150.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • libraw-0.18.9-3.11 is installed
  • OR libraw-devel-0.18.9-3.11 is installed
  • OR libraw16-0.18.9-3.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • openconnect-7.08-6.9 is installed
  • OR openconnect-devel-7.08-6.9 is installed
  • OR openconnect-lang-7.08-6.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • bash-4.3-83.10 is installed
  • OR bash-doc-4.3-83.10 is installed
  • OR libreadline6-6.3-83.10 is installed
  • OR libreadline6-32bit-6.3-83.10 is installed
  • OR readline-doc-6.3-83.10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
    • BACK