Oval Definition:	oval:org.opensuse.security:def:53362
Revision Date: 2020-12-01 Version: 1 Title: Security update for grub2 (Important) Description: This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 (bsc#1168994) - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) - Fix for CVE-2020-15706 (bsc#1174463) - Fix for CVE-2020-15707 (bsc#1174570) - Use overflow checking primitives where the arithmetic expression for buffer - Use grub_calloc for overflow check and return NULL when it would occur Family: unix Class: patch Status: Reference(s): 1001900 1004924 1005274 1009026 1010201 1010395 1010401 1010402 1010404 1010410 1010422 1010427 1010517 1012382 1012829 1017461 1020645 1021424 1022595 1022600 1022914 1024412 1025461 1027301 1028971 1030061 1031717 1034048 1037890 1046107 1046856 1050060 1050231 1050469 1053919 1055567 1056003 1056365 1056427 1056979 1057199 1058135 1059863 1060333 1060682 1060985 1061451 1061756 1062520 1062941 1062962 1063026 1063460 1063475 1063501 1063509 1063516 1063520 1063695 1064206 1064701 1064926 1065180 1065600 1065639 1065692 1065717 1065866 1066045 1066192 1066213 1066223 1066285 1066382 1066470 1066471 1066472 1066573 1066606 1066629 1067105 1067132 1067494 1067888 1068671 1068978 1068980 1068982 1069270 1069793 1069942 1069996 1070006 1070145 1070535 1070767 1070771 1070805 1070825 1070964 1071231 1071693 1071694 1071695 1071833 1162117 1166844 1166916 1168994 1172442 1172443 1173812 1174463 1174570 898572 901715 924312 935856 937766 945582 955210 963575 964944 966170 966172 966186 966191 966316 966318 969474 969475 969476 969477 971975 974590 979928 989261 992549 996376 CVE-2009-2666 CVE-2010-1163 CVE-2010-1167 CVE-2010-1646 CVE-2011-0010 CVE-2011-0020 CVE-2011-0064 CVE-2011-1947 CVE-2011-3177 CVE-2011-3389 CVE-2012-2337 CVE-2012-3482 CVE-2013-1752 CVE-2013-1753 CVE-2013-1775 CVE-2013-1776 CVE-2013-1982 CVE-2014-1829 CVE-2014-1830 CVE-2014-4650 CVE-2014-7185 CVE-2014-9680 CVE-2015-2296 CVE-2015-4000 CVE-2015-6908 CVE-2015-8370 CVE-2016-5285 CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-6911 CVE-2016-7032 CVE-2016-7076 CVE-2016-7568 CVE-2016-8670 CVE-2016-9064 CVE-2016-9066 CVE-2016-9074 CVE-2017-1000083 CVE-2017-1000367 CVE-2017-1000368 CVE-2017-1000410 CVE-2017-11600 CVE-2017-12193 CVE-2017-15115 CVE-2017-15265 CVE-2017-16528 CVE-2017-16536 CVE-2017-16537 CVE-2017-16645 CVE-2017-16646 CVE-2017-16994 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-7482 CVE-2017-8824 CVE-2020-10531 CVE-2020-10713 CVE-2020-11080 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15706 CVE-2020-15707 CVE-2020-7598 CVE-2020-8174 SUSE-SU-2015:1344-1 SUSE-SU-2016:0224-1 SUSE-SU-2016:2668-1 SUSE-SU-2016:3014-1 SUSE-SU-2017:3062-1 SUSE-SU-2017:3410-1 SUSE-SU-2017:3428-1 SUSE-SU-2020:1568-1 SUSE-SU-2020:2074-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information coreutils-8.29-lp150.2 is installed OR coreutils-lang-8.29-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information evince-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-devel-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-lang-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-comicsdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-djvudocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-dvidocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR libevdocument3-4-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR libevview3-3-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR nautilus-evince-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.10-0.3 is installed OR MozillaFirefox-translations-10.0.10-0.3 is installed OR mozilla-nspr-4.9.3-0.2 is installed OR mozilla-nspr-32bit-4.9.3-0.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information emacs-22.3-4.42 is installed OR emacs-info-22.3-4.42 is installed OR emacs-x11-22.3-4.42 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND lxc-0.8.0-0.25 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libpython2_7-1_0-2.7.9-14 is installed OR libpython2_7-1_0-32bit-2.7.9-14 is installed OR python-2.7.9-14 is installed OR python-base-2.7.9-14 is installed OR python-curses-2.7.9-14 is installed OR python-devel-2.7.9-14 is installed OR python-tk-2.7.9-14 is installed OR python-xml-2.7.9-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gd-2.1.0-17 is installed OR gd-32bit-2.1.0-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND yast2-3.1.206-37.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information grub2-2.02-2 is installed OR grub2-i386-pc-2.02-2 is installed OR grub2-snapper-plugin-2.02-2 is installed OR grub2-systemd-sleep-plugin-2.02-2 is installed OR grub2-x86_64-efi-2.02-2 is installed OR grub2-x86_64-xen-2.02-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND fetchmail-6.3.26-12 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information grub2-2.04-9.7 is installed OR grub2-x86_64-xen-2.04-9.7 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.21.0-1.21 is installed OR nodejs10-devel-10.21.0-1.21 is installed OR nodejs10-docs-10.21.0-1.21 is installed OR npm10-10.21.0-1.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR avahi-utils-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information pam_krb5-2.4.4-4 is installed OR pam_krb5-32bit-2.4.4-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information krb5-appl-1.0.3-3.3 is installed OR krb5-appl-clients-1.0.3-3.3 is installed OR krb5-appl-servers-1.0.3-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information guestfs-data-1.32.4-19 is installed OR guestfs-tools-1.32.4-19 is installed OR guestfsd-1.32.4-19 is installed OR libguestfs0-1.32.4-19 is installed OR perl-Sys-Guestfs-1.32.4-19 is installed OR python-libguestfs-1.32.4-19 is installed OR virt-p2v-1.32.4-19 is installed OR virt-v2v-1.32.4-19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libX11-1.6.2-12.5 is installed OR libX11-6-1.6.2-12.5 is installed OR libX11-6-32bit-1.6.2-12.5 is installed OR libX11-data-1.6.2-12.5 is installed OR libX11-xcb1-1.6.2-12.5 is installed OR libX11-xcb1-32bit-1.6.2-12.5 is installed OR libxcb-1.10-4.3 is installed OR libxcb-dri2-0-1.10-4.3 is installed OR libxcb-dri2-0-32bit-1.10-4.3 is installed OR libxcb-dri3-0-1.10-4.3 is installed OR libxcb-dri3-0-32bit-1.10-4.3 is installed OR libxcb-glx0-1.10-4.3 is installed OR libxcb-glx0-32bit-1.10-4.3 is installed OR libxcb-present0-1.10-4.3 is installed OR libxcb-present0-32bit-1.10-4.3 is installed OR libxcb-randr0-1.10-4.3 is installed OR libxcb-render0-1.10-4.3 is installed OR libxcb-render0-32bit-1.10-4.3 is installed OR libxcb-shape0-1.10-4.3 is installed OR libxcb-shm0-1.10-4.3 is installed OR libxcb-shm0-32bit-1.10-4.3 is installed OR libxcb-sync1-1.10-4.3 is installed OR libxcb-sync1-32bit-1.10-4.3 is installed OR libxcb-xf86dri0-1.10-4.3 is installed OR libxcb-xfixes0-1.10-4.3 is installed OR libxcb-xfixes0-32bit-1.10-4.3 is installed OR libxcb-xinerama0-1.10-4.3 is installed OR libxcb-xkb1-1.10-4.3 is installed OR libxcb-xkb1-32bit-1.10-4.3 is installed OR libxcb-xv0-1.10-4.3 is installed OR libxcb1-1.10-4.3 is installed OR libxcb1-32bit-1.10-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND clamav-0.100.2-33.18 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND shadow-4.2.1-27.9 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-default-kgraft-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.29-3.22 is installed OR mariadb-galera-10.2.29-3.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed
BACK