Revision Date: | 2021-03-02 | Version: | 1 |
Title: | Security update for grub2 (Important) |
Description: |
This update for grub2 fixes the following issues:
grub2 now implements the new 'SBAT' method for SHIM-based secure boot revocation. (bsc#1182057)
The following security issues, which can violate secure boot constraints, are fixed:
- CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)
- CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883)
- CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264)
- CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970)
- CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262)
- CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
grub2 was bumped to version 2.02, same as SUSE Linux Enterprise 12 SP3.
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1000435 1001765 1030472 1030476 1033084 1033085 1033087 1033088 1033089 1033090 1035829 1041830 1043484 1043607 1045060 1045062 1045065 1048576 1085415 1092061 1106390 1107067 1111973 1112723 1112726 1112758 1113660 1123685 1125007 1130103 1133528 1149495 1149496 1175970 1176711 1177883 1179264 1179265 1182057 1182262 1182263 876449 887746 937096 953518 954374 955104 958342 959330 959552 969785 970135 970293 971949 982210 982211 982251 984060 987173 987857 988675 988676 990074 990500 990970 991934 992224 993665 994421 994625 994761 994772 994775 995785 995789 995792 996269 CVE-2011-1097 CVE-2012-2812 CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 CVE-2014-1544 CVE-2014-1547 CVE-2014-1548 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 CVE-2014-2855 CVE-2014-2891 CVE-2014-8242 CVE-2014-9512 CVE-2015-2059 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2016-10254 CVE-2016-10255 CVE-2016-2851 CVE-2016-4971 CVE-2016-6258 CVE-2016-6259 CVE-2016-6833 CVE-2016-6834 CVE-2016-6835 CVE-2016-6836 CVE-2016-6888 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7796 CVE-2017-12194 CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 CVE-2017-3167 CVE-2017-3169 CVE-2017-7607 CVE-2017-7608 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2017-7679 CVE-2017-9788 CVE-2018-0494 CVE-2018-16062 CVE-2018-16403 CVE-2018-16840 CVE-2018-16842 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2018-5764 CVE-2019-3859 CVE-2019-5481 CVE-2019-5482 CVE-2019-7150 CVE-2019-7665 CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2015:1227-1 SUSE-SU-2016:0706-1 SUSE-SU-2016:2226-1 SUSE-SU-2016:2473-1 SUSE-SU-2016:2476-1 SUSE-SU-2017:2449-1 SUSE-SU-2018:0877-1 SUSE-SU-2018:1373-1 SUSE-SU-2018:3608-1 SUSE-SU-2019:1060-1 SUSE-SU-2019:1733-1 SUSE-SU-2019:2381-1 SUSE-SU-2021:0679-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed
AND Package Information
gpg2-2.2.5-lp150.2 is installed
OR gpg2-lang-2.2.5-lp150.2 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
kconf_update5-5.32.0-7 is installed
OR kconfig-5.32.0-7 is installed
OR kconfig-devel-5.32.0-7 is installed
OR kconfig-devel-32bit-5.55.0-lp151.2.5 is installed
OR kconfig-devel-64bit-5.32.0-7 is installed
OR kdelibs4-4.14.33-7 is installed
OR kdelibs4-apidocs-4.14.33-7 is installed
OR kdelibs4-branding-upstream-4.14.33-7 is installed
OR kdelibs4-core-4.14.33-7 is installed
OR kdelibs4-doc-4.14.33-7 is installed
OR libKF5ConfigCore5-5.32.0-7 is installed
OR libKF5ConfigCore5-32bit-5.55.0-lp151.2.5 is installed
OR libKF5ConfigCore5-64bit-5.32.0-7 is installed
OR libKF5ConfigCore5-lang-5.32.0-7 is installed
OR libKF5ConfigGui5-5.32.0-7 is installed
OR libKF5ConfigGui5-32bit-5.55.0-lp151.2.5 is installed
OR libKF5ConfigGui5-64bit-5.32.0-7 is installed
OR libkde4-4.14.33-7 is installed
OR libkde4-32bit-4.14.38-lp151.9.5 is installed
OR libkde4-64bit-4.14.33-7 is installed
OR libkde4-devel-4.14.33-7 is installed
OR libkdecore4-4.14.33-7 is installed
OR libkdecore4-32bit-4.14.38-lp151.9.5 is installed
OR libkdecore4-64bit-4.14.33-7 is installed
OR libkdecore4-devel-4.14.33-7 is installed
OR libksuseinstall-devel-4.14.33-7 is installed
OR libksuseinstall1-4.14.33-7 is installed
OR libksuseinstall1-32bit-4.14.38-lp151.9.5 is installed
OR libksuseinstall1-64bit-4.14.33-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
MozillaFirefox-24.7.0esr-0.8 is installed
OR MozillaFirefox-translations-24.7.0esr-0.8 is installed
OR libfreebl3-3.16.2-0.8 is installed
OR libfreebl3-32bit-3.16.2-0.8 is installed
OR libsoftokn3-3.16.2-0.8 is installed
OR libsoftokn3-32bit-3.16.2-0.8 is installed
OR mozilla-nss-3.16.2-0.8 is installed
OR mozilla-nss-32bit-3.16.2-0.8 is installed
OR mozilla-nss-tools-3.16.2-0.8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
libotr-3.2.0-10.5 is installed
OR libotr2-3.2.0-10.5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
curl-7.37.0-37.31 is installed
OR libcurl4-7.37.0-37.31 is installed
OR libcurl4-32bit-7.37.0-37.31 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libvdpau1-1.1.1-6 is installed
OR libvdpau1-32bit-1.1.1-6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
libexif12-0.6.21-6 is installed
OR libexif12-32bit-0.6.21-6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
bind-9.9.9P1-62 is installed
OR bind-chrootenv-9.9.9P1-62 is installed
OR bind-devel-9.9.9P1-62 is installed
OR bind-doc-9.9.9P1-62 is installed
OR bind-libs-9.9.9P1-62 is installed
OR bind-libs-32bit-9.9.9P1-62 is installed
OR bind-utils-9.9.9P1-62 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND busybox-1.21.1-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
grub2-2.02-115.59.1 is installed
OR grub2-i386-pc-2.02-115.59.1 is installed
OR grub2-snapper-plugin-2.02-115.59.1 is installed
OR grub2-systemd-sleep-plugin-2.02-115.59.1 is installed
OR grub2-x86_64-efi-2.02-115.59.1 is installed
OR grub2-x86_64-xen-2.02-115.59.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
ntp-4.2.8p13-85 is installed
OR ntp-doc-4.2.8p13-85 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
apache2-2.4.23-29.24 is installed
OR apache2-doc-2.4.23-29.24 is installed
OR apache2-example-pages-2.4.23-29.24 is installed
OR apache2-prefork-2.4.23-29.24 is installed
OR apache2-utils-2.4.23-29.24 is installed
OR apache2-worker-2.4.23-29.24 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
MozillaFirefox-52.2.0esr-108 is installed
OR MozillaFirefox-translations-52.2.0esr-108 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
libpython3_4m1_0-3.4.10-25.39 is installed
OR python3-3.4.10-25.39 is installed
OR python3-base-3.4.10-25.39 is installed
OR python3-curses-3.4.10-25.39 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
evince-3.20.2-6.27 is installed
OR evince-browser-plugin-3.20.2-6.27 is installed
OR evince-lang-3.20.2-6.27 is installed
OR evince-plugin-djvudocument-3.20.2-6.27 is installed
OR evince-plugin-dvidocument-3.20.2-6.27 is installed
OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
OR evince-plugin-psdocument-3.20.2-6.27 is installed
OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
OR libevdocument3-4-3.20.2-6.27 is installed
OR libevview3-3-3.20.2-6.27 is installed
OR nautilus-evince-3.20.2-6.27 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
perl-5.18.2-12.20 is installed
OR perl-32bit-5.18.2-12.20 is installed
OR perl-base-5.18.2-12.20 is installed
OR perl-doc-5.18.2-12.20 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
curl-7.37.0-37.40 is installed
OR libcurl4-7.37.0-37.40 is installed
OR libcurl4-32bit-7.37.0-37.40 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
apache2-2.4.23-29.24 is installed
OR apache2-doc-2.4.23-29.24 is installed
OR apache2-example-pages-2.4.23-29.24 is installed
OR apache2-prefork-2.4.23-29.24 is installed
OR apache2-utils-2.4.23-29.24 is installed
OR apache2-worker-2.4.23-29.24 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 6 is installed
AND Package Information
apache2-2.4.16-20.10 is installed
OR apache2-doc-2.4.16-20.10 is installed
OR apache2-example-pages-2.4.16-20.10 is installed
OR apache2-prefork-2.4.16-20.10 is installed
OR apache2-utils-2.4.16-20.10 is installed
OR apache2-worker-2.4.16-20.10 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
openssh-7.2p2-74.30 is installed
OR openssh-askpass-gnome-7.2p2-74.30 is installed
OR openssh-fips-7.2p2-74.30 is installed
OR openssh-helpers-7.2p2-74.30 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 9 is installed
AND python-Werkzeug-0.14.1-3.3 is installed
|