Oval Definition:	oval:org.opensuse.security:def:55621
Revision Date: 2020-12-01 Version: 1 Title: Security update for xen (Important) Description: xen was updated to version 4.4.3 to fix nine security issues. These security issues were fixed: - CVE-2015-4037: The slirp_smb function in net/slirp.c created temporary files with predictable names, which allowed local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program (bsc#932267). - CVE-2014-0222: Integer overflow in the qcow_open function allowed remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image (bsc#877642). - CVE-2015-7835: Uncontrolled creation of large page mappings by PV guests (bsc#950367). - CVE-2015-7311: libxl in Xen did not properly handle the readonly flag on disks when using the qemu-xen device model, which allowed local guest users to write to a read-only disk image (bsc#947165). - CVE-2015-5239: Integer overflow in vnc_client_read() and protocol_client_msg() (bsc#944463). - CVE-2015-6815: With e1000 NIC emulation support it was possible to enter an infinite loop (bsc#944697). - CVE-2015-7969: Leak of main per-domain vcpu pointer array leading to denial of service (bsc#950703). - CVE-2015-7969: Leak of per-domain profiling- related vcpu pointer array leading to denial of service (bsc#950705). - CVE-2015-7971: Some pmu and profiling hypercalls log without rate limiting (bsc#950706). These non-security issues were fixed: - bsc#907514: Bus fatal error: SLES 12 sudden reboot has been observed - bsc#910258: SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984: Bus fatal error: SLES11-SP4 sudden reboot has been observed - bsc#923967: Partner-L3: Bus fatal error: SLES11-SP3 sudden reboot has been observed - bnc#901488: Intel ixgbe driver assigns rx/tx queues per core resulting in irq problems on servers with a large amount of CPU cores - bsc#945167: Running command: xl pci-assignable-add 03:10.1 secondly show errors - bsc#949138: Setting vcpu affinity under Xen causes libvirtd abort Family: unix Class: patch Status: Reference(s): 1003577 1003579 1003580 1013882 1015400 1018088 1020353 1021868 1024051 1029497 1046779 1122293 1122299 1132728 1132729 1132732 1134297 1149294 1149295 1149296 1149297 1149298 1149299 1149303 1149304 1149324 1152497 1154448 1154456 1154458 1154461 1155945 1160888 1173144 843509 877642 901488 907514 910258 918984 923967 924828 930077 930078 932267 944463 944697 945167 947165 947271 949138 950367 950703 950705 950706 957568 970498 CVE-2011-1521 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-1752 CVE-2013-1753 CVE-2013-2061 CVE-2013-4238 CVE-2014-0107 CVE-2014-0222 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185 CVE-2015-2806 CVE-2015-4037 CVE-2015-4141 CVE-2015-4142 CVE-2015-5239 CVE-2015-6815 CVE-2015-7311 CVE-2015-7835 CVE-2015-7969 CVE-2015-7971 CVE-2015-8313 CVE-2015-8833 CVE-2016-10251 CVE-2016-9583 CVE-2016-9600 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-5498 CVE-2017-5838 CVE-2017-6850 CVE-2017-7506 CVE-2018-11212 CVE-2018-12207 CVE-2019-11135 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11753 CVE-2019-14907 CVE-2019-18420 CVE-2019-18421 CVE-2019-18424 CVE-2019-18425 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-9812 CVE-2020-8163 SUSE-SU-2015:1908-1 SUSE-SU-2015:2221-1 SUSE-SU-2016:0077-1 SUSE-SU-2016:0912-1 SUSE-SU-2017:0004-1 SUSE-SU-2017:0953-1 SUSE-SU-2017:0967-1 SUSE-SU-2017:1832-1 SUSE-SU-2019:1392-1 SUSE-SU-2019:2436-1 SUSE-SU-2019:2962-1 SUSE-SU-2020:0233-1 SUSE-SU-2020:2140-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dnsmasq-2.78-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libsass-3.6.1-lp151.3.3 is installed OR libsass-3_6_1-1-3.6.1-lp151.3.3 is installed OR libsass-devel-3.6.1-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND openvpn-2.0.9-143.33.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information gnutls-2.4.1-24.39.60 is installed OR libgnutls26-2.4.1-24.39.60 is installed OR libgnutls26-32bit-2.4.1-24.39.60 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information wpa_supplicant-0.7.1-6.17 is installed OR wpa_supplicant-gui-0.7.1-6.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information xen-4.4.3_02-22.12 is installed OR xen-kmp-default-4.4.3_02_k3.12.48_52.27-22.12 is installed OR xen-libs-4.4.3_02-22.12 is installed OR xen-libs-32bit-4.4.3_02-22.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpython2_7-1_0-2.7.9-20 is installed OR libpython2_7-1_0-32bit-2.7.9-20 is installed OR python-base-2.7.9-20 is installed OR python-base-32bit-2.7.9-20 is installed OR python-xml-2.7.9-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libspice-server1-0.12.5-10 is installed OR spice-0.12.5-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libpcsclite1-1.8.10-6 is installed OR pcsc-lite-1.8.10-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.107 is installed OR kernel-default-base-4.4.180-94.107 is installed OR kernel-default-devel-4.4.180-94.107 is installed OR kernel-devel-4.4.180-94.107 is installed OR kernel-macros-4.4.180-94.107 is installed OR kernel-source-4.4.180-94.107 is installed OR kernel-syms-4.4.180-94.107 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20191112-13.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libdcerpc-binding0-4.6.16+git.154.2998451b912-3.40 is installed OR libdcerpc-binding0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libdcerpc0-4.6.16+git.154.2998451b912-3.40 is installed OR libdcerpc0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libndr-krb5pac0-4.6.16+git.154.2998451b912-3.40 is installed OR libndr-krb5pac0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libndr-nbt0-4.6.16+git.154.2998451b912-3.40 is installed OR libndr-nbt0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libndr-standard0-4.6.16+git.154.2998451b912-3.40 is installed OR libndr-standard0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libndr0-4.6.16+git.154.2998451b912-3.40 is installed OR libndr0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libnetapi0-4.6.16+git.154.2998451b912-3.40 is installed OR libnetapi0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-credentials0-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-credentials0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-errors0-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-errors0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-hostconfig0-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-passdb0-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-passdb0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-util0-4.6.16+git.154.2998451b912-3.40 is installed OR libsamba-util0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsamdb0-4.6.16+git.154.2998451b912-3.40 is installed OR libsamdb0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsmbclient0-4.6.16+git.154.2998451b912-3.40 is installed OR libsmbclient0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsmbconf0-4.6.16+git.154.2998451b912-3.40 is installed OR libsmbconf0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libsmbldap0-4.6.16+git.154.2998451b912-3.40 is installed OR libsmbldap0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libtevent-util0-4.6.16+git.154.2998451b912-3.40 is installed OR libtevent-util0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR libwbclient0-4.6.16+git.154.2998451b912-3.40 is installed OR libwbclient0-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR samba-4.6.16+git.154.2998451b912-3.40 is installed OR samba-client-4.6.16+git.154.2998451b912-3.40 is installed OR samba-client-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR samba-doc-4.6.16+git.154.2998451b912-3.40 is installed OR samba-libs-4.6.16+git.154.2998451b912-3.40 is installed OR samba-libs-32bit-4.6.16+git.154.2998451b912-3.40 is installed OR samba-winbind-4.6.16+git.154.2998451b912-3.40 is installed OR samba-winbind-32bit-4.6.16+git.154.2998451b912-3.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND chrony-2.3-3 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.9 is installed OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.6 is installed OR rubygem-actionview-4_2-4.2.9-9.9 is installed OR rubygem-activesupport-4_2-4.2.9-7.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-default-man-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND mailman-2.1.17-3.11 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND haproxy-1.6.11-11.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ansible-2.4.6.0-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.0-11.27 is installed
BACK