OVAL Reference oval:org.opensuse.security:def:53513

Oval Definition:

oval:org.opensuse.security:def:53513

Revision Date:	2020-12-01	Version:	1
Title:	Security update for grub2 (Important)
Description:	This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 (bsc#1168994) - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) - Fix for CVE-2020-15706 (bsc#1174463) - Fix for CVE-2020-15707 (bsc#1174570) - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur - Use gcc-9 compiler for overflow check builtins - Backport gcc-9 build fixes
Family:	unix	Class:	patch
Status:		Reference(s):	1003577 1003579 1003580 1013882 1025258 1077724 1077725 1077978 1078431 1082877 1129991 1152763 1153921 1168994 1173812 1174463 1174570 918330 936476 974847 983671 984650 991012 991013 991015 991016 991017 991018 991019 991020 CVE-2006-7250 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-5298 CVE-2011-0014 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2673 CVE-2012-2686 CVE-2012-2737 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3230 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3567 CVE-2014-3568 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-8146 CVE-2014-8147 CVE-2014-8275 CVE-2014-9654 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1349 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1793 CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2015-4620 CVE-2016-0701 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0800 CVE-2016-10163 CVE-2016-10214 CVE-2016-1372 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-3977 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359 CVE-2016-6293 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2016-7052 CVE-2016-7055 CVE-2016-7056 CVE-2016-9427 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-14952 CVE-2017-15422 CVE-2017-17484 CVE-2017-17969 CVE-2017-18201 CVE-2017-2982 CVE-2017-2985 CVE-2017-2986 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-2996 CVE-2017-3731 CVE-2017-3732 CVE-2017-3735 CVE-2017-3736 CVE-2017-3738 CVE-2017-5580 CVE-2017-5937 CVE-2017-5956 CVE-2017-5957 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355 CVE-2017-6386 CVE-2017-7867 CVE-2017-7868 CVE-2018-0732 CVE-2018-0737 CVE-2018-0739 CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-5996 CVE-2019-3695 CVE-2019-3696 CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15706 CVE-2020-15707 SUSE-SU-2015:1204-1 SUSE-SU-2016:1140-1 SUSE-SU-2016:2453-1 SUSE-SU-2017:0003-1 SUSE-SU-2017:0523-1 SUSE-SU-2018:0464-1 SUSE-SU-2018:0673-1 SUSE-SU-2018:0697-1 SUSE-SU-2020:0357-1 SUSE-SU-2020:2073-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information accountsservice-0.6.45-lp150.2 is installed OR accountsservice-lang-0.6.45-lp150.2 is installed OR libaccountsservice0-0.6.45-lp150.2 is installed OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information exim-4.88-lp151.4.3 is installed OR eximon-4.88-lp151.4.3 is installed OR eximstats-html-4.88-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.10esr-0.4.2 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.10esr-0.4.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information compat-wireless-kmp-default-3.13_3.0.101_0.31-0.9 is installed OR compat-wireless-kmp-pae-3.13_3.0.101_0.31-0.9 is installed OR compat-wireless-kmp-xen-3.13_3.0.101_0.31-0.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information kernel-default-3.0.101-71 is installed OR kernel-default-base-3.0.101-71 is installed OR kernel-default-devel-3.0.101-71 is installed OR kernel-default-extra-3.0.101-71 is installed OR kernel-pae-3.0.101-71 is installed OR kernel-pae-base-3.0.101-71 is installed OR kernel-pae-devel-3.0.101-71 is installed OR kernel-pae-extra-3.0.101-71 is installed OR kernel-source-3.0.101-71 is installed OR kernel-syms-3.0.101-71 is installed OR kernel-trace-3.0.101-71 is installed OR kernel-trace-devel-3.0.101-71 is installed OR kernel-xen-3.0.101-71 is installed OR kernel-xen-base-3.0.101-71 is installed OR kernel-xen-devel-3.0.101-71 is installed OR kernel-xen-extra-3.0.101-71 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information bind-9.9.6P1-18 is installed OR bind-libs-9.9.6P1-18 is installed OR bind-libs-32bit-9.9.6P1-18 is installed OR bind-utils-9.9.6P1-18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND wireshark-1.12.13-31 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libz1-1.2.8-11 is installed OR libz1-32bit-1.2.8-11 is installed OR zlib-1.2.8-11 is installed OR zlib-devel-1.2.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND libgc1-7.2d-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gnome-settings-daemon-3.20.1-40 is installed OR gnome-settings-daemon-lang-3.20.1-40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information qemu-2.6.2-41.40 is installed OR qemu-block-curl-2.6.2-41.40 is installed OR qemu-block-rbd-2.6.2-41.40 is installed OR qemu-block-ssh-2.6.2-41.40 is installed OR qemu-guest-agent-2.6.2-41.40 is installed OR qemu-ipxe-1.0.0-41.40 is installed OR qemu-kvm-2.6.2-41.40 is installed OR qemu-lang-2.6.2-41.40 is installed OR qemu-seabios-1.9.1-41.40 is installed OR qemu-sgabios-8-41.40 is installed OR qemu-tools-2.6.2-41.40 is installed OR qemu-vgabios-1.9.1-41.40 is installed OR qemu-x86-2.6.2-41.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cups-filters-1.0.58-17 is installed OR cups-filters-cups-browsed-1.0.58-17 is installed OR cups-filters-foomatic-rip-1.0.58-17 is installed OR cups-filters-ghostscript-1.0.58-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.55-38.44 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mutt-1.10.1-55.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXext6-1.3.2-4.3 is installed OR libXext6-32bit-1.3.2-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information grub2-2.02-19.48 is installed OR grub2-arm64-efi-2.02-19.48 is installed OR grub2-i386-pc-2.02-19.48 is installed OR grub2-powerpc-ieee1275-2.02-19.48 is installed OR grub2-s390x-emu-2.02-19.48 is installed OR grub2-snapper-plugin-2.02-19.48 is installed OR grub2-systemd-sleep-plugin-2.02-19.48 is installed OR grub2-x86_64-efi-2.02-19.48 is installed OR grub2-x86_64-xen-2.02-19.48 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information openstack-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed OR python-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libsnmp30-5.7.3-6.3 is installed OR libsnmp30-32bit-5.7.3-6.3 is installed OR net-snmp-5.7.3-6.3 is installed OR perl-SNMP-5.7.3-6.3 is installed OR snmp-mibs-5.7.3-6.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND permissions-2015.09.28.1626-17.20 is installed

BACK