OVAL Reference oval:org.opensuse.security:def:56278

Oval Definition:

oval:org.opensuse.security:def:56278

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442). - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host (bsc#1030144). - CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235). These non-security issues were fixed: - bsc#1015348: libvirtd didn't not start during boot - bsc#1014136: kdump couldn't dump a kernel on SLES12-SP2 with Xen hypervisor. - bsc#1026236: Fixed paravirtualized performance - bsc#1022555: Timeout in 'execution of /etc/xen/scripts/block add' - bsc#1029827: Forward port xenstored - bsc#1029128: Make xen to really produce xen.efi with gcc48
Family:	unix	Class:	patch
Status:		Reference(s):	1003577 1003579 1003580 1013882 1014136 1015348 1022555 1026236 1027519 1028235 1029128 1029827 1030144 1030442 1055962 1062937 1090338 1096740 1106989 1106996 1107609 1120381 1122033 1124365 1124366 1124368 1128649 1130330 1131317 1132053 1132054 1132060 860611 901748 903649 932483 936695 938746 939932 943006 943010 945484 945493 947458 954200 954201 968849 981670 993302 993313 CVE-2006-4197 CVE-2009-0946 CVE-2010-2497 CVE-2010-2800 CVE-2010-2801 CVE-2010-2805 CVE-2010-2891 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2011-0226 CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2014-2240 CVE-2014-3540 CVE-2014-3566 CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2014-9556 CVE-2014-9636 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2014-9732 CVE-2015-4000 CVE-2015-4467 CVE-2015-4468 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2015-8076 CVE-2015-8077 CVE-2015-8078 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-2098 CVE-2016-6316 CVE-2016-6317 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-15232 CVE-2017-6505 CVE-2017-7228 CVE-2018-16412 CVE-2018-16413 CVE-2018-16644 CVE-2018-20467 CVE-2018-3665 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-7175 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-9956 SUSE-SU-2015:1695-1 SUSE-SU-2016:1457-1 SUSE-SU-2017:0004-1 SUSE-SU-2017:0983-1 SUSE-SU-2017:2716-1 SUSE-SU-2018:0373-1 SUSE-SU-2018:2097-1 SUSE-SU-2019:1033-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND iputils-s20161105-lp150.5 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information evolution-3.26.6-lp151.4.3 is installed OR evolution-devel-3.26.6-lp151.4.3 is installed OR evolution-lang-3.26.6-lp151.4.3 is installed OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information openssh-6.6p1-13 is installed OR openssh-askpass-gnome-6.6p1-13 is installed OR openssh-helpers-6.6p1-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xen-4.7.2_02-36 is installed OR xen-libs-4.7.2_02-36 is installed OR xen-libs-32bit-4.7.2_02-36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND ft2demos-2.5.5-7.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_69-default-5-2 is installed OR kgraft-patch-3_12_74-60_64_69-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_24-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_04-43.39 is installed OR xen-doc-html-4.7.6_04-43.39 is installed OR xen-libs-4.7.6_04-43.39 is installed OR xen-libs-32bit-4.7.6_04-43.39 is installed OR xen-tools-4.7.6_04-43.39 is installed OR xen-tools-domU-4.7.6_04-43.39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND p7zip-9.20.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_140-94_42-default-10-2 is installed OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsystemd0-228-150.58 is installed OR libsystemd0-32bit-228-150.58 is installed OR libudev1-228-150.58 is installed OR libudev1-32bit-228-150.58 is installed OR systemd-228-150.58 is installed OR systemd-32bit-228-150.58 is installed OR systemd-bash-completion-228-150.58 is installed OR systemd-sysvinit-228-150.58 is installed OR udev-228-150.58 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bluez-5.13-5.4 is installed OR libbluetooth3-5.13-5.4 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information ruby2.1-rubygem-actionmailer-4_2-4.2.9-3.3 is installed OR ruby2.1-rubygem-actionpack-4_2-4.2.9-7.3 is installed OR ruby2.1-rubygem-actionview-4_2-4.2.9-9.3 is installed OR ruby2.1-rubygem-activejob-4_2-4.2.9-3.3 is installed OR ruby2.1-rubygem-activemodel-4_2-4.2.9-6.3 is installed OR ruby2.1-rubygem-activerecord-4_2-4.2.9-6.3 is installed OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.3 is installed OR ruby2.1-rubygem-rails-4_2-4.2.9-3.3 is installed OR ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.3 is installed OR ruby2.1-rubygem-railties-4_2-4.2.9-3.3 is installed OR rubygem-actionmailer-4_2-4.2.9-3.3 is installed OR rubygem-actionpack-4_2-4.2.9-7.3 is installed OR rubygem-actionview-4_2-4.2.9-9.3 is installed OR rubygem-activejob-4_2-4.2.9-3.3 is installed OR rubygem-activemodel-4_2-4.2.9-6.3 is installed OR rubygem-activerecord-4_2-4.2.9-6.3 is installed OR rubygem-activesupport-4_2-4.2.9-7.3 is installed OR rubygem-rails-4_2-4.2.9-3.3 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.3 is installed OR rubygem-railties-4_2-4.2.9-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information storm-1.0.5-5 is installed OR storm-nimbus-1.0.5-5 is installed OR storm-supervisor-1.0.5-5 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information dnsmasq-2.78-18.12 is installed OR dnsmasq-utils-2.78-18.12 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed

BACK