Oval Definition:	oval:org.opensuse.security:def:53682
Revision Date: 2020-12-01 Version: 1 Title: Security update for shim (Moderate) Description: This update for shim fixes the following issues: - Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994) This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by disallowing binaries signed by the previous SUSE UEFI signing key from booting. This update should only be installed after updates of grub2, the Linux kernel and (if used) Xen from July / August 2020 are applied. Additional fixes: + shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656) Family: unix Class: patch Status: Reference(s): 1005776 1006867 1012382 1012829 1015422 1022917 1022918 1022919 1027054 1031717 1034503 1035432 1042286 1042812 1042826 1043289 1043441 1045330 1047356 1049072 1053417 1056277 1062840 1065600 1065615 1066223 1067118 1068032 1068569 1069135 1071306 1071892 1072363 1072689 1072739 1072865 1073401 1074198 1074426 1075087 1076282 1077285 1077513 1077560 1077779 1078583 1078609 1078672 1078673 1078787 1079029 1079038 1079384 1079989 1080014 1080263 1080344 1080360 1080364 1080384 1080464 1080774 1080809 1080813 1080851 1081134 1081431 1081491 1081498 1081500 1081512 1081671 1082223 1082299 1082478 1082795 1082864 1082897 1082979 1082993 1083494 1083548 1084610 1085053 1085107 1085224 1085239 1087820 1094204 1094237 1095730 1095812 1095813 1104036 1168994 1175626 1175656 863764 927841 966328 975772 976340 983145 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0547 CVE-2012-1682 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-3174 CVE-2012-3216 CVE-2012-3386 CVE-2012-4416 CVE-2012-4681 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 CVE-2013-0169 CVE-2013-0401 CVE-2013-0422 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0450 CVE-2013-0809 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1488 CVE-2013-1493 CVE-2013-1500 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-1571 CVE-2013-2383 CVE-2013-2384 CVE-2013-2407 CVE-2013-2412 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5805 CVE-2013-5806 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2013-6369 CVE-2013-6393 CVE-2013-6629 CVE-2013-6954 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0408 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-2483 CVE-2014-2490 CVE-2014-2497 CVE-2014-2525 CVE-2014-3566 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4266 CVE-2014-4268 CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2014-9130 CVE-2014-9709 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-3310 CVE-2015-4000 CVE-2015-4491 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 CVE-2015-7575 CVE-2015-8126 CVE-2015-8472 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2016-0636 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-10165 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 CVE-2016-1601 CVE-2016-2183 CVE-2016-3425 CVE-2016-3427 CVE-2016-3458 CVE-2016-3485 CVE-2016-3498 CVE-2016-3500 CVE-2016-3503 CVE-2016-3508 CVE-2016-3511 CVE-2016-3550 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610 CVE-2016-5116 CVE-2016-5542 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 CVE-2016-6207 CVE-2016-6214 CVE-2016-6905 CVE-2016-6906 CVE-2016-6911 CVE-2016-6912 CVE-2016-7568 CVE-2016-8670 CVE-2016-9317 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2016-9893 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9899 CVE-2016-9900 CVE-2016-9901 CVE-2016-9902 CVE-2016-9904 CVE-2016-9905 CVE-2016-9933 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-10928 CVE-2017-11403 CVE-2017-13166 CVE-2017-13758 CVE-2017-15951 CVE-2017-16644 CVE-2017-16912 CVE-2017-16913 CVE-2017-17975 CVE-2017-18208 CVE-2017-18271 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-6362 CVE-2017-9439 CVE-2017-9440 CVE-2017-9501 CVE-2018-1000026 CVE-2018-1000222 CVE-2018-1068 CVE-2018-10804 CVE-2018-10805 CVE-2018-11251 CVE-2018-11655 CVE-2018-2579 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-5711 CVE-2018-8087 CVE-2018-9133 CVE-2020-10713 SUSE-SU-2016:1250-1 SUSE-SU-2016:3222-1 SUSE-SU-2017:0474-1 SUSE-SU-2017:2199-1 SUSE-SU-2018:0200-1 SUSE-SU-2018:0785-1 SUSE-SU-2018:1851-1 SUSE-SU-2018:2145-1 SUSE-SU-2018:2641-1 SUSE-SU-2020:2626-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information NetworkManager-applet-1.8.10-lp150.3 is installed OR NetworkManager-applet-lang-1.8.10-lp150.3 is installed OR NetworkManager-connection-editor-1.8.10-lp150.3 is installed OR libnm-gtk0-1.8.10-lp150.3 is installed OR libnma0-1.8.10-lp150.3 is installed OR nma-data-1.8.10-lp150.3 is installed OR typelib-1_0-NMGtk-1_0-1.8.10-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2p-lp151.5.3 is installed OR libopenssl-1_0_0-devel-32bit-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-32bit-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-hmac-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-cavs-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-doc-1.0.2p-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libtiff3-3.8.2-141.154 is installed OR libtiff3-32bit-3.8.2-141.154 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bash-3.2-147.22 is installed OR bash-doc-3.2-147.22 is installed OR libreadline5-5.2-147.22 is installed OR libreadline5-32bit-5.2-147.22 is installed OR readline-doc-5.2-147.22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information mozilla-nspr-4.10.9-11 is installed OR mozilla-nspr-32bit-4.10.9-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information java-1_7_0-openjdk-1.7.0.101-30 is installed OR java-1_7_0-openjdk-headless-1.7.0.101-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information MozillaFirefox-45.6.0esr-96 is installed OR MozillaFirefox-translations-45.6.0esr-96 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.5 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.5 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.5 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND wdiff-1.2.1-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gd-2.1.0-24.9 is installed OR gd-32bit-2.1.0-24.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libXt6-1.1.4-3 is installed OR libXt6-32bit-1.1.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-9-2 is installed OR kgraft-patch-3_12_67-60_64_21-xen-9-2 is installed OR kgraft-patch-SLE12-SP1_Update_10-9-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p11-64.5 is installed OR ntp-doc-4.2.8p11-64.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gstreamer-plugins-bad-1.8.3-17 is installed OR gstreamer-plugins-bad-lang-1.8.3-17 is installed OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed OR libgstbadaudio-1_0-0-1.8.3-17 is installed OR libgstbadbase-1_0-0-1.8.3-17 is installed OR libgstbadvideo-1_0-0-1.8.3-17 is installed OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed OR libgstcodecparsers-1_0-0-1.8.3-17 is installed OR libgstgl-1_0-0-1.8.3-17 is installed OR libgstmpegts-1_0-0-1.8.3-17 is installed OR libgstphotography-1_0-0-1.8.3-17 is installed OR libgsturidownloader-1_0-0-1.8.3-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information LibVNCServer-0.9.9-17.19 is installed OR libvncclient0-0.9.9-17.19 is installed OR libvncserver0-0.9.9-17.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsystemd0-228-150.82 is installed OR libsystemd0-32bit-228-150.82 is installed OR libudev-devel-228-150.82 is installed OR libudev1-228-150.82 is installed OR libudev1-32bit-228-150.82 is installed OR systemd-228-150.82 is installed OR systemd-32bit-228-150.82 is installed OR systemd-bash-completion-228-150.82 is installed OR systemd-sysvinit-228-150.82 is installed OR udev-228-150.82 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython2_7-1_0-2.7.13-28.8 is installed OR libpython2_7-1_0-32bit-2.7.13-28.8 is installed OR python-2.7.13-28.8 is installed OR python-32bit-2.7.13-28.8 is installed OR python-base-2.7.13-28.8 is installed OR python-base-32bit-2.7.13-28.8 is installed OR python-curses-2.7.13-28.8 is installed OR python-demo-2.7.13-28.8 is installed OR python-doc-2.7.13-28.8 is installed OR python-doc-pdf-2.7.13-28.8 is installed OR python-gdbm-2.7.13-28.8 is installed OR python-idle-2.7.13-28.8 is installed OR python-tk-2.7.13-28.8 is installed OR python-xml-2.7.13-28.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information augeas-1.2.0-17.3 is installed OR augeas-lenses-1.2.0-17.3 is installed OR libaugeas0-1.2.0-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND shim-15+git47-7.15 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND enigmail-2.0.8-3.10 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND crowbar-openstack-3.0+git.1456169766.1e60d19-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information git-2.12.3-27.22 is installed OR git-core-2.12.3-27.22 is installed OR git-doc-2.12.3-27.22 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND haproxy-1.6.11-11.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.3-11.15 is installed
BACK