Oval Definition:	oval:org.opensuse.security:def:55539
Revision Date: 2023-04-21 Version: 1 Title: Security update for shim (Moderate) (in QA) Description: This update for shim fixes the following issues: - CVE-2022-28737 was missing as reference previously. - Upgrade shim-install for bsc#1210382 After closing Leap-gap project since Leap 15.3, openSUSE Leap direct uses shim from SLE. So the ca_string is 'SUSE Linux Enterprise Secure Boot CA1', not 'openSUSE Secure Boot CA1'. It causes that the update_boot=no, so all files in /boot/efi/EFI/boot are not updated. Logic was added that is using ID field in os-release for checking Leap distro and set ca_string to 'SUSE Linux Enterprise Secure Boot CA1'. Then /boot/efi/EFI/boot/* can also be updated. This patch is currently in QA and not yet available for download. Family: unix Class: patch Status: Reference(s): 1001459 1012985 1023287 1027149 1028217 1030531 1030552 1031515 1033960 1034405 1035531 1035738 1037182 1037183 1037994 1038544 1038564 1038879 1038883 1038981 1038982 1039348 1039354 1039456 1039721 1039864 1039882 1039883 1039885 1040069 1041160 1041429 1041431 1042419 1042696 1042832 1042863 1044125 1045327 1045487 1045922 1046107 1048275 1048788 1049645 1049882 1051684 1051685 1053148 1053152 1053259 1053317 1056588 1056982 1057179 1058410 1058507 1058524 1058565 1058622 1058624 1059777 1059863 1061076 1061077 1061080 1061081 1061082 1061084 1061086 1061087 1062471 1062520 1063667 1064388 1125230 1131493 1140868 1144902 1161799 1210382 815451 821669 856774 860250 863764 878240 922855 922871 933591 938913 945842 947772 947791 948168 949000 954512 964844 986924 993099 994364 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2010-4494 CVE-2011-1944 CVE-2012-5134 CVE-2013-0338 CVE-2013-1969 CVE-2013-1987 CVE-2014-0191 CVE-2014-3660 CVE-2015-4000 CVE-2015-4047 CVE-2015-4171 CVE-2015-5276 CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7659 CVE-2015-7660 CVE-2015-7661 CVE-2015-7662 CVE-2015-7663 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 CVE-2017-1000363 CVE-2017-1000365 CVE-2017-1000380 CVE-2017-10661 CVE-2017-11176 CVE-2017-12150 CVE-2017-12151 CVE-2017-12153 CVE-2017-12154 CVE-2017-12163 CVE-2017-12762 CVE-2017-13080 CVE-2017-14051 CVE-2017-14106 CVE-2017-14140 CVE-2017-15265 CVE-2017-15274 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15649 CVE-2017-5526 CVE-2017-7482 CVE-2017-7487 CVE-2017-7518 CVE-2017-7541 CVE-2017-7542 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2017-7889 CVE-2017-8831 CVE-2017-8890 CVE-2017-8924 CVE-2017-8925 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9242 CVE-2018-15587 CVE-2019-10218 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-5953 CVE-2019-9811 CVE-2020-6796 CVE-2020-6797 CVE-2020-6798 CVE-2020-6799 CVE-2020-6800 CVE-2022-28737 SUSE-SU-2015:1196-1 SUSE-SU-2015:1833-1 SUSE-SU-2015:1960-1 SUSE-SU-2016:0344-1 SUSE-SU-2017:2356-1 SUSE-SU-2017:2726-1 SUSE-SU-2017:2873-1 SUSE-SU-2017:2908-1 SUSE-SU-2019:0956-1 SUSE-SU-2019:1391-1 SUSE-SU-2019:1861-1 SUSE-SU-2019:2890-1 SUSE-SU-2020:0384-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information bind-9.11.2-lp150.7 is installed OR bind-chrootenv-9.11.2-lp150.7 is installed OR bind-utils-9.11.2-lp150.7 is installed OR libbind9-160-9.11.2-lp150.7 is installed OR libdns169-9.11.2-lp150.7 is installed OR libirs160-9.11.2-lp150.7 is installed OR libisc166-9.11.2-lp150.7 is installed OR libisccc160-9.11.2-lp150.7 is installed OR libisccfg160-9.11.2-lp150.7 is installed OR liblwres160-9.11.2-lp150.7 is installed OR python3-bind-9.11.2-lp150.7 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information exempi-2.4.5-lp151.3.3 is installed OR exempi-tools-2.4.5-lp151.3.3 is installed OR libexempi-devel-2.4.5-lp151.3.3 is installed OR libexempi3-2.4.5-lp151.3.3 is installed OR libexempi3-32bit-2.4.5-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXrender-7.4-1.16 is installed OR xorg-x11-libXrender-32bit-7.4-1.16 is installed OR xorg-x11-libXrender-devel-7.4-1.16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.548-0.26 is installed OR flash-player-gnome-11.2.202.548-0.26 is installed OR flash-player-kde4-11.2.202.548-0.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information strongswan-5.1.3-18 is installed OR strongswan-doc-5.1.3-18 is installed OR strongswan-ipsec-5.1.3-18 is installed OR strongswan-libs0-5.1.3-18 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND wget-1.14-21.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information evolution-3.22.6-19.9 is installed OR evolution-lang-3.22.6-19.9 is installed Definition Synopsis SUSE Linux Enterprise Micro 5.4 is installed AND shim-15.7-150300.4.16.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ipsec-tools-0.8.0-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libdcerpc-binding0-4.2.4-28.19 is installed OR libdcerpc-binding0-32bit-4.2.4-28.19 is installed OR libdcerpc0-4.2.4-28.19 is installed OR libdcerpc0-32bit-4.2.4-28.19 is installed OR libgensec0-4.2.4-28.19 is installed OR libgensec0-32bit-4.2.4-28.19 is installed OR libndr-krb5pac0-4.2.4-28.19 is installed OR libndr-krb5pac0-32bit-4.2.4-28.19 is installed OR libndr-nbt0-4.2.4-28.19 is installed OR libndr-nbt0-32bit-4.2.4-28.19 is installed OR libndr-standard0-4.2.4-28.19 is installed OR libndr-standard0-32bit-4.2.4-28.19 is installed OR libndr0-4.2.4-28.19 is installed OR libndr0-32bit-4.2.4-28.19 is installed OR libnetapi0-4.2.4-28.19 is installed OR libnetapi0-32bit-4.2.4-28.19 is installed OR libregistry0-4.2.4-28.19 is installed OR libsamba-credentials0-4.2.4-28.19 is installed OR libsamba-credentials0-32bit-4.2.4-28.19 is installed OR libsamba-hostconfig0-4.2.4-28.19 is installed OR libsamba-hostconfig0-32bit-4.2.4-28.19 is installed OR libsamba-passdb0-4.2.4-28.19 is installed OR libsamba-passdb0-32bit-4.2.4-28.19 is installed OR libsamba-util0-4.2.4-28.19 is installed OR libsamba-util0-32bit-4.2.4-28.19 is installed OR libsamdb0-4.2.4-28.19 is installed OR libsamdb0-32bit-4.2.4-28.19 is installed OR libsmbclient-raw0-4.2.4-28.19 is installed OR libsmbclient-raw0-32bit-4.2.4-28.19 is installed OR libsmbclient0-4.2.4-28.19 is installed OR libsmbclient0-32bit-4.2.4-28.19 is installed OR libsmbconf0-4.2.4-28.19 is installed OR libsmbconf0-32bit-4.2.4-28.19 is installed OR libsmbldap0-4.2.4-28.19 is installed OR libsmbldap0-32bit-4.2.4-28.19 is installed OR libtevent-util0-4.2.4-28.19 is installed OR libtevent-util0-32bit-4.2.4-28.19 is installed OR libwbclient0-4.2.4-28.19 is installed OR libwbclient0-32bit-4.2.4-28.19 is installed OR samba-4.2.4-28.19 is installed OR samba-32bit-4.2.4-28.19 is installed OR samba-client-4.2.4-28.19 is installed OR samba-client-32bit-4.2.4-28.19 is installed OR samba-doc-4.2.4-28.19 is installed OR samba-libs-4.2.4-28.19 is installed OR samba-libs-32bit-4.2.4-28.19 is installed OR samba-winbind-4.2.4-28.19 is installed OR samba-winbind-32bit-4.2.4-28.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libXvMC1-1.0.8-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information python-certifi-2018.4.16-3.6 is installed OR python-chardet-3.0.4-5.6 is installed OR python-urllib3-1.22-3.20 is installed OR python3-certifi-2018.4.16-3.6 is installed OR python3-chardet-3.0.4-5.6 is installed OR python3-requests-2.20.1-5 is installed OR python3-urllib3-1.22-3.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_20-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_8-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libQt5WebKit5-5.6.2-1 is installed OR libQt5WebKit5-imports-5.6.2-1 is installed OR libQt5WebKitWidgets5-5.6.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtiff5-4.0.9-44.21 is installed OR libtiff5-32bit-4.0.9-44.21 is installed OR tiff-4.0.9-44.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information e2fsprogs-1.43.8-1 is installed OR libcom_err2-1.43.8-1 is installed OR libcom_err2-32bit-1.43.8-1 is installed OR libext2fs2-1.43.8-1 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information libecpg6-9.6.4-3.6 is installed OR libpq5-9.6.4-3.6 is installed OR libpq5-32bit-9.6.4-3.6 is installed OR postgresql96-9.6.4-3.6 is installed OR postgresql96-contrib-9.6.4-3.6 is installed OR postgresql96-docs-9.6.4-3.6 is installed OR postgresql96-libs-9.6.4-3.6 is installed OR postgresql96-server-9.6.4-3.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_0-openjdk-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-demo-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-devel-1.7.0.261-43.38 is installed OR java-1_7_0-openjdk-headless-1.7.0.261-43.38 is installed
BACK