OVAL Reference oval:org.opensuse.security:def:56493

Oval Definition:

oval:org.opensuse.security:def:56493

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen to version 4.9.1 (bsc#1027519) fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code allowed for DoS (XSA-246) - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leading to information leaks, privilege escalation or DoS (XSA-247). - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063123) - CVE-2017-15597: A grant copy operation being done on a grant of a dying domain allowed a malicious guest administrator to corrupt hypervisor memory, allowing for DoS or potentially privilege escalation and information leaks (bsc#1061075). This non-security issue was fixed: - bsc#1055047: Fixed --initrd-inject option in virt-install
Family:	unix	Class:	patch
Status:		Reference(s):	1015187 1027519 1037559 1055047 1061075 1063123 1068101 1068187 1068191 1079869 1083424 1091427 1094325 1094508 1094725 1098531 1100112 1101147 1103276 1109105 1111014 1111479 1111480 1111853 1112229 1117022 1117274 1117313 1117327 1117331 1138872 1160968 959329 962189 CVE-2011-0707 CVE-2011-1018 CVE-2013-2132 CVE-2014-4910 CVE-2015-8704 CVE-2016-9933 CVE-2017-15289 CVE-2017-15597 CVE-2017-5715 CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 CVE-2017-8779 CVE-2018-10900 CVE-2018-12327 CVE-2018-15468 CVE-2018-17183 CVE-2018-17961 CVE-2018-17963 CVE-2018-18073 CVE-2018-18284 CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 CVE-2018-7170 CVE-2019-11708 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 SUSE-SU-2016:0174-1 SUSE-SU-2016:3211-1 SUSE-SU-2017:1336-1 SUSE-SU-2017:3115-1 SUSE-SU-2017:3213-1 SUSE-SU-2018:2297-1 SUSE-SU-2018:2631-1 SUSE-SU-2018:3332-1 SUSE-SU-2018:3342-1 SUSE-SU-2018:4090-1 SUSE-SU-2019:1684-1 SUSE-SU-2020:0628-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gnutls-3.6.2-lp150.3 is installed OR libgnutls-dane0-3.6.2-lp150.3 is installed OR libgnutls30-3.6.2-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information GraphicsMagick-1.3.29-lp151.4.6 is installed OR GraphicsMagick-devel-1.3.29-lp151.4.6 is installed OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.6 is installed OR libGraphicsMagick++-devel-1.3.29-lp151.4.6 is installed OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.6 is installed OR libGraphicsMagick3-config-1.3.29-lp151.4.6 is installed OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.6 is installed OR perl-GraphicsMagick-1.3.29-lp151.4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information xen-4.9.1_02-3.21 is installed OR xen-libs-4.9.1_02-3.21 is installed OR xen-libs-32bit-4.9.1_02-3.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND logwatch-7.4.0-13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND mailman-2.1.17-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND shadow-4.2.1-27.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information perl-5.18.2-12.14 is installed OR perl-32bit-5.18.2-12.14 is installed OR perl-base-5.18.2-12.14 is installed OR perl-doc-5.18.2-12.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND dosfstools-3.0.26-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information python-PyYAML-5.1.2-26.12 is installed OR python3-PyYAML-5.1.2-26.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dracut-044.1-9 is installed OR dracut-fips-044.1-9 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND python-pymongo-3.0.3-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.55-38.44 is installed

BACK