OVAL Reference oval:org.opensuse.security:def:52693

Oval Definition:

oval:org.opensuse.security:def:52693

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_3 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Family:	unix	Class:	patch
Status:		Reference(s):	1136446 1137597 1140747 1171252 1171254 914333 937212 937492 937752 CVE-2007-4129 CVE-2007-5970 CVE-2008-7247 CVE-2009-1885 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-1163 CVE-2010-1646 CVE-2010-2494 CVE-2011-0010 CVE-2012-2337 CVE-2012-2737 CVE-2012-5468 CVE-2013-1775 CVE-2013-1776 CVE-2013-1976 CVE-2013-1981 CVE-2013-1997 CVE-2013-2004 CVE-2014-1932 CVE-2014-4607 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9636 CVE-2014-9913 CVE-2015-0252 CVE-2015-0287 CVE-2015-0310 CVE-2015-5122 CVE-2015-5123 CVE-2015-7696 CVE-2015-7697 CVE-2016-9844 CVE-2017-2626 CVE-2018-1000035 CVE-2019-11477 CVE-2019-11478 CVE-2019-3846 CVE-2020-12653 CVE-2020-12654 SUSE-SU-2015:1255-1 SUSE-SU-2015:1410-1 SUSE-SU-2019:1882-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gegl-0_3-0.3.34-lp150.1 is installed OR gegl-0_3-lang-0.3.34-lp150.1 is installed OR libgegl-0_3-0-0.3.34-lp150.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information acroread-9.5.5-0.5.5 is installed OR acroread-cmaps-9.4.6-0.4.5 is installed OR acroread-fonts-ja-9.4.6-0.4.5 is installed OR acroread-fonts-ko-9.4.6-0.4.5 is installed OR acroread-fonts-zh_CN-9.4.6-0.4.5 is installed OR acroread-fonts-zh_TW-9.4.6-0.4.5 is installed OR acroread_ja-9.4.2-0.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information java-1_7_0-openjdk-1.7.0.85-0.11 is installed OR java-1_7_0-openjdk-demo-1.7.0.85-0.11 is installed OR java-1_7_0-openjdk-devel-1.7.0.85-0.11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information krb5-1.6.3-133.49.68 is installed OR krb5-32bit-1.6.3-133.49.68 is installed OR krb5-client-1.6.3-133.49.68 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libmysqlclient18-10.0.11-6 is installed OR libmysqlclient18-32bit-10.0.11-6 is installed OR libmysqlclient_r18-10.0.11-6 is installed OR libmysqlclient_r18-32bit-10.0.11-6 is installed OR mariadb-10.0.11-6 is installed OR mariadb-client-10.0.11-6 is installed OR mariadb-errormessages-10.0.11-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND bogofilter-1.2.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND coolkey-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libICE6-1.0.8-12 is installed OR libICE6-32bit-1.0.8-12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-11-2 is installed OR kernel-livepatch-SLE15_Update_1-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_48-default-10-2 is installed OR kgraft-patch-3_12_74-60_64_48-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_17-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libqt4-4.8.6-7 is installed OR libqt4-32bit-4.8.6-7 is installed OR libqt4-qt3support-4.8.6-7 is installed OR libqt4-qt3support-32bit-4.8.6-7 is installed OR libqt4-sql-4.8.6-7 is installed OR libqt4-sql-32bit-4.8.6-7 is installed OR libqt4-sql-mysql-4.8.6-7 is installed OR libqt4-sql-sqlite-4.8.6-7 is installed OR libqt4-x11-4.8.6-7 is installed OR libqt4-x11-32bit-4.8.6-7 is installed OR qt4-x11-tools-4.8.6-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.4.0esr-109.55 is installed OR MozillaFirefox-devel-60.4.0esr-109.55 is installed OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed OR libfreebl3-3.40.1-58.18 is installed OR libfreebl3-32bit-3.40.1-58.18 is installed OR libsoftokn3-3.40.1-58.18 is installed OR libsoftokn3-32bit-3.40.1-58.18 is installed OR mozilla-nspr-4.20-19.6 is installed OR mozilla-nspr-32bit-4.20-19.6 is installed OR mozilla-nss-3.40.1-58.18 is installed OR mozilla-nss-32bit-3.40.1-58.18 is installed OR mozilla-nss-certs-3.40.1-58.18 is installed OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed OR mozilla-nss-tools-3.40.1-58.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-9-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-9-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.5-30.63 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtiff5-4.0.9-44.21 is installed OR libtiff5-32bit-4.0.9-44.21 is installed OR tiff-4.0.9-44.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information libspice-server1-0.12.5-10 is installed OR spice-0.12.5-10 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information MozillaFirefox-60.6.1esr-109.63 is installed OR MozillaFirefox-devel-60.6.1esr-109.63 is installed OR MozillaFirefox-translations-common-60.6.1esr-109.63 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND permissions-2015.09.28.1626-17.20 is installed

BACK