Oval Definition:	oval:org.opensuse.security:def:53265
Revision Date: 2020-12-01 Version: 1 Title: Security update for libvirt (Important) Description: This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10166: Fixed an issue with virDomainManagedSaveDefineXML which could have been used to alter the domain's config used for managedsave or execute arbitrary emulator binaries (bsc#1138302). - CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). - CVE-2019-10168: Fixed an issue with virConnect*HypervisorCPU API which could have been used to execute arbitrary emulators (bsc#1138305). Family: unix Class: patch Status: Reference(s): 1013669 1020102 1027519 1035642 1037243 1042160 1042882 1042893 1042915 1042923 1042924 1042931 1042938 1048715 1138301 1138302 1138303 1138305 1177409 1177412 1177413 1177414 892431 906803 908128 911228 959277 963041 981049 981050 981061 982009 982010 982011 982012 982013 CVE-2006-7250 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-2285 CVE-2009-2347 CVE-2009-4492 CVE-2010-0541 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2065 CVE-2010-2067 CVE-2010-2074 CVE-2010-2233 CVE-2010-2939 CVE-2010-3864 CVE-2010-4665 CVE-2010-5298 CVE-2011-0014 CVE-2011-0192 CVE-2011-1004 CVE-2011-1005 CVE-2011-1167 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2011-4815 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-1173 CVE-2012-2110 CVE-2012-2113 CVE-2012-2686 CVE-2012-3401 CVE-2012-4564 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-1960 CVE-2013-1961 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2013-4353 CVE-2013-4509 CVE-2013-6435 CVE-2013-6449 CVE-2013-6450 CVE-2013-7456 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-8118 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-8275 CVE-2014-9645 CVE-2014-9655 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1547 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-3216 CVE-2015-4000 CVE-2015-7201 CVE-2015-7202 CVE-2015-7205 CVE-2015-7210 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7222 CVE-2015-7554 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8876 CVE-2015-8877 CVE-2015-8879 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799 CVE-2016-0800 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-3186 CVE-2016-5093 CVE-2016-5094 CVE-2016-5095 CVE-2016-5096 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5875 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-7055 CVE-2016-9811 CVE-2017-0381 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3731 CVE-2017-3732 CVE-2017-8309 CVE-2017-9330 CVE-2017-9432 CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27673 SUSE-SU-2015:2335-1 SUSE-SU-2016:1633-1 SUSE-SU-2017:0242-1 SUSE-SU-2017:0436-1 SUSE-SU-2017:1742-1 SUSE-SU-2017:2035-1 SUSE-SU-2019:1643-1 SUSE-SU-2020:3051-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND bubblewrap-0.2.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information docker-18.09.6_ce-lp151.2.6 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed OR docker-test-18.09.6_ce-lp151.2.6 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information icu-4.0-7.26 is installed OR libicu-4.0-7.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.418-0.3 is installed OR flash-player-gnome-11.2.202.418-0.3 is installed OR flash-player-kde4-11.2.202.418-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information glibc-2.11.3-17.95 is installed OR glibc-32bit-2.11.3-17.95 is installed OR glibc-devel-2.11.3-17.95 is installed OR glibc-devel-32bit-2.11.3-17.95 is installed OR glibc-i18ndata-2.11.3-17.95 is installed OR glibc-locale-2.11.3-17.95 is installed OR glibc-locale-32bit-2.11.3-17.95 is installed OR nscd-2.11.3-17.95 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-38.5.0esr-54 is installed OR MozillaFirefox-translations-38.5.0esr-54 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libopus0-1.1-3 is installed OR opus-1.1-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libtiff5-4.0.6-26 is installed OR libtiff5-32bit-4.0.6-26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND libstaroffice-0_0-0-0.0.5-7 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information libvirt-5.1.0-8.6 is installed OR libvirt-admin-5.1.0-8.6 is installed OR libvirt-bash-completion-5.1.0-8.6 is installed OR libvirt-client-5.1.0-8.6 is installed OR libvirt-daemon-5.1.0-8.6 is installed OR libvirt-daemon-config-network-5.1.0-8.6 is installed OR libvirt-daemon-config-nwfilter-5.1.0-8.6 is installed OR libvirt-daemon-driver-interface-5.1.0-8.6 is installed OR libvirt-daemon-driver-libxl-5.1.0-8.6 is installed OR libvirt-daemon-driver-lxc-5.1.0-8.6 is installed OR libvirt-daemon-driver-network-5.1.0-8.6 is installed OR libvirt-daemon-driver-nodedev-5.1.0-8.6 is installed OR libvirt-daemon-driver-nwfilter-5.1.0-8.6 is installed OR libvirt-daemon-driver-qemu-5.1.0-8.6 is installed OR libvirt-daemon-driver-secret-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-core-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-disk-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-iscsi-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-logical-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-mpath-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-rbd-5.1.0-8.6 is installed OR libvirt-daemon-driver-storage-scsi-5.1.0-8.6 is installed OR libvirt-daemon-hooks-5.1.0-8.6 is installed OR libvirt-daemon-lxc-5.1.0-8.6 is installed OR libvirt-daemon-qemu-5.1.0-8.6 is installed OR libvirt-daemon-xen-5.1.0-8.6 is installed OR libvirt-devel-5.1.0-8.6 is installed OR libvirt-doc-5.1.0-8.6 is installed OR libvirt-lock-sanlock-5.1.0-8.6 is installed OR libvirt-nss-5.1.0-8.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND iputils-s20121221-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_24-22.52 is installed OR xen-doc-html-4.5.5_24-22.52 is installed OR xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52 is installed OR xen-libs-4.5.5_24-22.52 is installed OR xen-libs-32bit-4.5.5_24-22.52 is installed OR xen-tools-4.5.5_24-22.52 is installed OR xen-tools-domU-4.5.5_24-22.52 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libgcrypt20-1.6.1-16.33 is installed OR libgcrypt20-32bit-1.6.1-16.33 is installed OR libgcrypt20-hmac-1.6.1-16.33 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information postgresql94-9.4.24-21.25 is installed OR postgresql94-contrib-9.4.24-21.25 is installed OR postgresql94-docs-9.4.24-21.25 is installed OR postgresql94-plperl-9.4.24-21.25 is installed OR postgresql94-plpython-9.4.24-21.25 is installed OR postgresql94-pltcl-9.4.24-21.25 is installed OR postgresql94-server-9.4.24-21.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.95 is installed OR kernel-default-base-4.4.121-92.95 is installed OR kernel-default-devel-4.4.121-92.95 is installed OR kernel-devel-4.4.121-92.95 is installed OR kernel-macros-4.4.121-92.95 is installed OR kernel-source-4.4.121-92.95 is installed OR kernel-syms-4.4.121-92.95 is installed OR lttng-modules-2.7.1-9.6 is installed OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libasm1-32bit-0.158-6 is installed OR libdw1-0.158-6 is installed OR libdw1-32bit-0.158-6 is installed OR libebl1-0.158-6 is installed OR libebl1-32bit-0.158-6 is installed OR libelf1-0.158-6 is installed OR libelf1-32bit-0.158-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-keystone-8.0.2~a0~dev8-1 is installed OR python-keystone-8.0.2~a0~dev8-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND couchdb-1.7.2-2.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
BACK