Oval Definition:	oval:org.opensuse.security:def:55857
Revision Date: 2021-03-02 Version: 1 Title: Security update for grub2 (Important) Description: This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263) grub2 was bumped to version 2.02, same as SUSE Linux Enterprise 12 SP3. Family: unix Class: patch Status: Reference(s): 1008029 1012422 1027519 1045205 1045986 1050231 1066569 1066693 1067678 1068032 1068671 1070771 1070781 1071074 1071470 1071693 1071694 1071695 1072561 1072876 1076366 1083292 1089152 1089635 1090820 1090822 1090823 1097158 1097624 1098592 1175970 1176711 1177883 1179264 1179265 1182057 1182262 1182263 783533 792432 813026 819204 825935 826097 872912 898031 899558 903204 903216 903638 905260 913001 917376 926826 971804 972968 973639 974220 975394 979688 986247 CVE-2010-1674 CVE-2010-1675 CVE-2012-3977 CVE-2012-3982 CVE-2012-3983 CVE-2012-3984 CVE-2012-3985 CVE-2012-3986 CVE-2012-3987 CVE-2012-3988 CVE-2012-3989 CVE-2012-3990 CVE-2012-3991 CVE-2012-3992 CVE-2012-3993 CVE-2012-3994 CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 CVE-2012-4184 CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 CVE-2012-4192 CVE-2012-4193 CVE-2013-1682 CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 CVE-2013-1687 CVE-2013-1690 CVE-2013-1692 CVE-2013-1693 CVE-2013-1697 CVE-2013-4566 CVE-2014-3566 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2015-0240 CVE-2015-5244 CVE-2016-1601 CVE-2016-3099 CVE-2016-5773 CVE-2016-9137 CVE-2017-1000368 CVE-2017-11600 CVE-2017-13167 CVE-2017-15115 CVE-2017-15868 CVE-2017-16534 CVE-2017-16538 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-8824 CVE-2018-0732 CVE-2018-10471 CVE-2018-10472 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-7550 CVE-2018-8897 CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2015:0371-1 SUSE-SU-2016:0008-1 SUSE-SU-2016:1138-1 SUSE-SU-2016:2285-1 SUSE-SU-2016:2975-1 SUSE-SU-2017:1778-1 SUSE-SU-2018:0031-1 SUSE-SU-2018:0114-1 SUSE-SU-2018:0663-1 SUSE-SU-2018:1202-1 SUSE-SU-2018:1968-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information expat-2.2.5-lp150.1 is installed OR libexpat1-2.2.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information evolution-3.26.6-lp151.4.3 is installed OR evolution-devel-3.26.6-lp151.4.3 is installed OR evolution-lang-3.26.6-lp151.4.3 is installed OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.9-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.7 is installed OR MozillaFirefox-translations-10.0.9-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information ImageMagick-6.4.3.6-7.30 is installed OR libMagick++1-6.4.3.6-7.30 is installed OR libMagickCore1-6.4.3.6-7.30 is installed OR libMagickCore1-32bit-6.4.3.6-7.30 is installed OR libMagickWand1-6.4.3.6-7.30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND libksba-1.0.4-1.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information imap-2007e_suse-22 is installed OR libc-client2007e_suse-2007e_suse-22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND quagga-0.99.22.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND sudo-1.8.10p3-2.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR gcc48-locale-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information grub2-2.02-115.59.1 is installed OR grub2-i386-pc-2.02-115.59.1 is installed OR grub2-snapper-plugin-2.02-115.59.1 is installed OR grub2-systemd-sleep-plugin-2.02-115.59.1 is installed OR grub2-x86_64-efi-2.02-115.59.1 is installed OR grub2-x86_64-xen-2.02-115.59.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND iputils-s20121221-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information cups-1.7.5-20.29 is installed OR cups-client-1.7.5-20.29 is installed OR cups-libs-1.7.5-20.29 is installed OR cups-libs-32bit-1.7.5-20.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython3_4m1_0-3.4.6-25.16 is installed OR python3-3.4.6-25.16 is installed OR python3-base-3.4.6-25.16 is installed OR python3-curses-3.4.6-25.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information kernel-default-3.12.74-60.64.69 is installed OR kernel-default-base-3.12.74-60.64.69 is installed OR kernel-default-devel-3.12.74-60.64.69 is installed OR kernel-devel-3.12.74-60.64.69 is installed OR kernel-macros-3.12.74-60.64.69 is installed OR kernel-source-3.12.74-60.64.69 is installed OR kernel-syms-3.12.74-60.64.69 is installed OR kernel-xen-3.12.74-60.64.69 is installed OR kernel-xen-base-3.12.74-60.64.69 is installed OR kernel-xen-devel-3.12.74-60.64.69 is installed OR kgraft-patch-3_12_74-60_64_69-default-1-2.3 is installed OR kgraft-patch-3_12_74-60_64_69-xen-1-2.3 is installed OR kgraft-patch-SLE12-SP1_Update_24-1-2.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-27.32 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND haproxy-1.6.11-11.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed OR rubygem-activejob-4_2-4.2.9-3.6 is installed
BACK