Oval Definition:oval:org.opensuse.security:def:56222
Revision Date:2020-12-01Version:1
Title:Security update for xen (Important)
Description:

This update for xen to version 4.7.4 (bsc#1027519) fixes several issues.

This new feature was added:

- Support migration of HVM domains larger than 1 TB

These security issues were fixed:

- bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code allowed for DoS (XSA-246) - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leading to information leaks, privilege escalation or DoS (XSA-247). - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063123) - CVE-2017-15597: A grant copy operation being done on a grant of a dying domain allowed a malicious guest administrator to corrupt hypervisor memory, allowing for DoS or potentially privilege escalation and information leaks (bsc#1061075).

This non-security issue was fixed:

- bsc#1055047: Fixed --initrd-inject option in virt-install
Family:unixClass:patch
Status:Reference(s):1023990
1027519
1027908
1032261
1036244
1055047
1055825
1056058
1061075
1063123
1065363
1068187
1068191
1118319
1118320
1171252
1171254
938913
947165
950703
950704
950705
950706
951845
954018
954405
955399
956408
956409
956411
956592
956832
957531
964844
990592
CVE-2012-0804
CVE-2013-1984
CVE-2013-1985
CVE-2013-1995
CVE-2013-1998
CVE-2013-2001
CVE-2013-2186
CVE-2014-0050
CVE-2014-4671
CVE-2014-7818
CVE-2014-7829
CVE-2015-1038
CVE-2015-4000
CVE-2015-5307
CVE-2015-7311
CVE-2015-7504
CVE-2015-7835
CVE-2015-7969
CVE-2015-7970
CVE-2015-7971
CVE-2015-7972
CVE-2015-8104
CVE-2015-8327
CVE-2015-8339
CVE-2015-8340
CVE-2015-8341
CVE-2015-8345
CVE-2015-8560
CVE-2017-15289
CVE-2017-15597
CVE-2017-3735
CVE-2017-6369
CVE-2017-8422
CVE-2018-9568
CVE-2020-12653
CVE-2020-12654
SUSE-SU-2015:2338-1
SUSE-SU-2016:0112-1
SUSE-SU-2016:0344-1
SUSE-SU-2017:1156-1
SUSE-SU-2017:1335-1
SUSE-SU-2017:2981-1
SUSE-SU-2017:3178-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • cups-2.2.7-lp150.1 is installed
  • OR cups-client-2.2.7-lp150.1 is installed
  • OR cups-config-2.2.7-lp150.1 is installed
  • OR libcups2-2.2.7-lp150.1 is installed
  • OR libcupscgi1-2.2.7-lp150.1 is installed
  • OR libcupsimage2-2.2.7-lp150.1 is installed
  • OR libcupsmime1-2.2.7-lp150.1 is installed
  • OR libcupsppdc1-2.2.7-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-75.0.3770.142-7 is installed
  • OR chromium-75.0.3770.142-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND foomatic-filters-3.0.2-269.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • xen-4.7.4_02-43.21 is installed
  • OR xen-libs-4.7.4_02-43.21 is installed
  • OR xen-libs-32bit-4.7.4_02-43.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cvs-1.12.12-181 is installed
  • OR cvs-doc-1.12.12-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libopenssl1_0_0-1.0.1i-54.8 is installed
  • OR libopenssl1_0_0-32bit-1.0.1i-54.8 is installed
  • OR libopenssl1_0_0-hmac-1.0.1i-54.8 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.1i-54.8 is installed
  • OR openssl-1.0.1i-54.8 is installed
  • OR openssl-doc-1.0.1i-54.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • jakarta-commons-fileupload-1.1.1-120 is installed
  • OR jakarta-commons-fileupload-javadoc-1.1.1-120 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.5_02-43.30 is installed
  • OR xen-doc-html-4.7.5_02-43.30 is installed
  • OR xen-libs-4.7.5_02-43.30 is installed
  • OR xen-libs-32bit-4.7.5_02-43.30 is installed
  • OR xen-tools-4.7.5_02-43.30 is installed
  • OR xen-tools-domU-4.7.5_02-43.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-27 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-27 is installed
  • OR python-base-2.7.13-27 is installed
  • OR python-base-32bit-2.7.13-27 is installed
  • OR python-xml-2.7.13-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • exiv2-0.23-12.5 is installed
  • OR libexiv2-12-0.23-12.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libxcb-dri2-0-1.10-4.3 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.3 is installed
  • OR libxcb-dri3-0-1.10-4.3 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.3 is installed
  • OR libxcb-glx0-1.10-4.3 is installed
  • OR libxcb-glx0-32bit-1.10-4.3 is installed
  • OR libxcb-present0-1.10-4.3 is installed
  • OR libxcb-present0-32bit-1.10-4.3 is installed
  • OR libxcb-randr0-1.10-4.3 is installed
  • OR libxcb-render0-1.10-4.3 is installed
  • OR libxcb-render0-32bit-1.10-4.3 is installed
  • OR libxcb-shape0-1.10-4.3 is installed
  • OR libxcb-shm0-1.10-4.3 is installed
  • OR libxcb-shm0-32bit-1.10-4.3 is installed
  • OR libxcb-sync1-1.10-4.3 is installed
  • OR libxcb-sync1-32bit-1.10-4.3 is installed
  • OR libxcb-xf86dri0-1.10-4.3 is installed
  • OR libxcb-xfixes0-1.10-4.3 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.3 is installed
  • OR libxcb-xinerama0-1.10-4.3 is installed
  • OR libxcb-xkb1-1.10-4.3 is installed
  • OR libxcb-xkb1-32bit-1.10-4.3 is installed
  • OR libxcb-xv0-1.10-4.3 is installed
  • OR libxcb1-1.10-4.3 is installed
  • OR libxcb1-32bit-1.10-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-actionpack-4_2-4.2.2-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-magnum-3.1.2~a0~dev20-9 is installed
  • OR openstack-magnum-api-3.1.2~a0~dev20-9 is installed
  • OR openstack-magnum-conductor-3.1.2~a0~dev20-9 is installed
  • OR openstack-magnum-doc-3.1.2~a0~dev20-9 is installed
  • OR python-magnum-3.1.2~a0~dev20-9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • krb5-appl-1.0.3-3.3 is installed
  • OR krb5-appl-clients-1.0.3-3.3 is installed
  • OR krb5-appl-servers-1.0.3-3.3 is installed
    • BACK