Oval Definition:oval:org.opensuse.security:def:56646
Revision Date:2020-12-01Version:1
Title:Security update for qemu (Moderate)
Description:

This update for qemu fixes the following issues:

These security issues were fixed:

- CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket causing DoS (bsc#1098735). - CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented datagrams (bsc#1096223).

With this release the mitigations for Spectre v4 are moved the the patches from upstream (CVE-2018-3639, bsc#1092885).

This feature was added:

- Add support for block resize support for disks through the monitor (bsc#1094725).
Family:unixClass:patch
Status:Reference(s):1005544
1014136
1026236
1027519
1031460
1034845
1036470
1037243
1040202
1041847
1042160
1042863
1042882
1042893
1042915
1042923
1042924
1042931
1042938
1043074
1043297
1053373
1053911
1058058
1058297
1068003
1068032
1068613
1070144
1071228
1073489
1074572
1076114
1076775
1076813
1082276
1083291
1083292
1089039
1089152
1089635
1090820
1090822
1090823
1092885
1094725
1096223
1098735
1101246
1101470
1104789
1106197
1112039
1150011
1153674
1154862
1155089
1159856
1159858
1159860
1160250
1160251
1160937
939460
945842
949022
951660
952151
953831
954002
954658
955382
958581
958582
958583
958584
958585
958586
962765
964468
966220
968771
997043
CVE-2010-3170
CVE-2011-3389
CVE-2011-3640
CVE-2013-0743
CVE-2013-0791
CVE-2013-1620
CVE-2013-1739
CVE-2013-1740
CVE-2013-5605
CVE-2014-1492
CVE-2014-1568
CVE-2014-1569
CVE-2015-3223
CVE-2015-4000
CVE-2015-5252
CVE-2015-5276
CVE-2015-5296
CVE-2015-5299
CVE-2015-5330
CVE-2015-7181
CVE-2015-7182
CVE-2015-7575
CVE-2015-8467
CVE-2016-1938
CVE-2016-1950
CVE-2016-1978
CVE-2016-1979
CVE-2016-2834
CVE-2016-4658
CVE-2017-1002201
CVE-2017-10911
CVE-2017-10912
CVE-2017-10913
CVE-2017-10914
CVE-2017-10915
CVE-2017-10916
CVE-2017-10917
CVE-2017-10918
CVE-2017-10920
CVE-2017-10921
CVE-2017-10922
CVE-2017-15119
CVE-2017-15124
CVE-2017-16845
CVE-2017-17381
CVE-2017-18043
CVE-2017-5715
CVE-2017-8112
CVE-2017-8309
CVE-2017-8905
CVE-2017-9330
CVE-2017-9374
CVE-2017-9503
CVE-2017-9798
CVE-2018-0737
CVE-2018-10471
CVE-2018-10472
CVE-2018-11806
CVE-2018-12617
CVE-2018-18386
CVE-2018-3639
CVE-2018-5683
CVE-2018-7550
CVE-2018-8897
CVE-2019-14287
CVE-2019-14822
CVE-2019-15691
CVE-2019-15692
CVE-2019-15693
CVE-2019-15694
CVE-2019-15695
CVE-2019-17498
SUSE-SU-2015:2305-1
SUSE-SU-2016:0963-1
SUSE-SU-2016:2650-1
SUSE-SU-2017:1812-1
SUSE-SU-2017:2718-1
SUSE-SU-2018:0762-1
SUSE-SU-2018:1202-1
SUSE-SU-2018:2928-1
SUSE-SU-2018:3555-1
SUSE-SU-2019:2389-1
SUSE-SU-2019:2668-1
SUSE-SU-2019:2932-1
SUSE-SU-2019:2936-1
SUSE-SU-2020:0266-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND gzip-1.9-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libpng16-1.6.34-lp151.3.3 is installed
  • OR libpng16-16-1.6.34-lp151.3.3 is installed
  • OR libpng16-16-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-compat-devel-1.6.34-lp151.3.3 is installed
  • OR libpng16-compat-devel-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-devel-1.6.34-lp151.3.3 is installed
  • OR libpng16-devel-32bit-1.6.34-lp151.3.3 is installed
  • OR libpng16-tools-1.6.34-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • qemu-2.9.1-6.19 is installed
  • OR qemu-block-curl-2.9.1-6.19 is installed
  • OR qemu-ipxe-1.0.0-6.19 is installed
  • OR qemu-kvm-2.9.1-6.19 is installed
  • OR qemu-seabios-1.10.2-6.19 is installed
  • OR qemu-sgabios-8-6.19 is installed
  • OR qemu-tools-2.9.1-6.19 is installed
  • OR qemu-vgabios-1.10.2-6.19 is installed
  • OR qemu-x86-2.9.1-6.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • ldb-1.1.24-4 is installed
  • OR libdcerpc-binding0-4.2.4-6 is installed
  • OR libdcerpc-binding0-32bit-4.2.4-6 is installed
  • OR libdcerpc0-4.2.4-6 is installed
  • OR libdcerpc0-32bit-4.2.4-6 is installed
  • OR libgensec0-4.2.4-6 is installed
  • OR libgensec0-32bit-4.2.4-6 is installed
  • OR libldb1-1.1.24-4 is installed
  • OR libldb1-32bit-1.1.24-4 is installed
  • OR libndr-krb5pac0-4.2.4-6 is installed
  • OR libndr-krb5pac0-32bit-4.2.4-6 is installed
  • OR libndr-nbt0-4.2.4-6 is installed
  • OR libndr-nbt0-32bit-4.2.4-6 is installed
  • OR libndr-standard0-4.2.4-6 is installed
  • OR libndr-standard0-32bit-4.2.4-6 is installed
  • OR libndr0-4.2.4-6 is installed
  • OR libndr0-32bit-4.2.4-6 is installed
  • OR libnetapi0-4.2.4-6 is installed
  • OR libnetapi0-32bit-4.2.4-6 is installed
  • OR libregistry0-4.2.4-6 is installed
  • OR libsamba-credentials0-4.2.4-6 is installed
  • OR libsamba-credentials0-32bit-4.2.4-6 is installed
  • OR libsamba-hostconfig0-4.2.4-6 is installed
  • OR libsamba-hostconfig0-32bit-4.2.4-6 is installed
  • OR libsamba-passdb0-4.2.4-6 is installed
  • OR libsamba-passdb0-32bit-4.2.4-6 is installed
  • OR libsamba-util0-4.2.4-6 is installed
  • OR libsamba-util0-32bit-4.2.4-6 is installed
  • OR libsamdb0-4.2.4-6 is installed
  • OR libsamdb0-32bit-4.2.4-6 is installed
  • OR libsmbclient-raw0-4.2.4-6 is installed
  • OR libsmbclient-raw0-32bit-4.2.4-6 is installed
  • OR libsmbclient0-4.2.4-6 is installed
  • OR libsmbclient0-32bit-4.2.4-6 is installed
  • OR libsmbconf0-4.2.4-6 is installed
  • OR libsmbconf0-32bit-4.2.4-6 is installed
  • OR libsmbldap0-4.2.4-6 is installed
  • OR libsmbldap0-32bit-4.2.4-6 is installed
  • OR libtalloc2-2.1.5-4 is installed
  • OR libtalloc2-32bit-2.1.5-4 is installed
  • OR libtdb1-1.3.8-4 is installed
  • OR libtdb1-32bit-1.3.8-4 is installed
  • OR libtevent-util0-4.2.4-6 is installed
  • OR libtevent-util0-32bit-4.2.4-6 is installed
  • OR libtevent0-0.9.26-4 is installed
  • OR libtevent0-32bit-0.9.26-4 is installed
  • OR libwbclient0-4.2.4-6 is installed
  • OR libwbclient0-32bit-4.2.4-6 is installed
  • OR pytalloc-2.1.5-4 is installed
  • OR pytalloc-32bit-2.1.5-4 is installed
  • OR samba-4.2.4-6 is installed
  • OR samba-32bit-4.2.4-6 is installed
  • OR samba-client-4.2.4-6 is installed
  • OR samba-client-32bit-4.2.4-6 is installed
  • OR samba-doc-4.2.4-6 is installed
  • OR samba-libs-4.2.4-6 is installed
  • OR samba-libs-32bit-4.2.4-6 is installed
  • OR samba-winbind-4.2.4-6 is installed
  • OR samba-winbind-32bit-4.2.4-6 is installed
  • OR talloc-2.1.5-4 is installed
  • OR tdb-1.3.8-4 is installed
  • OR tdb-tools-1.3.8-4 is installed
  • OR tevent-0.9.26-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • apache2-2.4.16-20.13 is installed
  • OR apache2-doc-2.4.16-20.13 is installed
  • OR apache2-example-pages-2.4.16-20.13 is installed
  • OR apache2-prefork-2.4.16-20.13 is installed
  • OR apache2-utils-2.4.16-20.13 is installed
  • OR apache2-worker-2.4.16-20.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libfreebl3-3.21.1-46 is installed
  • OR libfreebl3-32bit-3.21.1-46 is installed
  • OR libfreebl3-hmac-3.21.1-46 is installed
  • OR libfreebl3-hmac-32bit-3.21.1-46 is installed
  • OR libsoftokn3-3.21.1-46 is installed
  • OR libsoftokn3-32bit-3.21.1-46 is installed
  • OR libsoftokn3-hmac-3.21.1-46 is installed
  • OR libsoftokn3-hmac-32bit-3.21.1-46 is installed
  • OR mozilla-nss-3.21.1-46 is installed
  • OR mozilla-nss-32bit-3.21.1-46 is installed
  • OR mozilla-nss-certs-3.21.1-46 is installed
  • OR mozilla-nss-certs-32bit-3.21.1-46 is installed
  • OR mozilla-nss-sysinit-3.21.1-46 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.1-46 is installed
  • OR mozilla-nss-tools-3.21.1-46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • jakarta-commons-fileupload-1.1.1-122.3 is installed
  • OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • giflib-progs-5.0.5-12 is installed
  • OR libgif6-5.0.5-12 is installed
  • OR libgif6-32bit-5.0.5-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • bind-9.9.9P1-63.17 is installed
  • OR bind-chrootenv-9.9.9P1-63.17 is installed
  • OR bind-doc-9.9.9P1-63.17 is installed
  • OR bind-libs-9.9.9P1-63.17 is installed
  • OR bind-libs-32bit-9.9.9P1-63.17 is installed
  • OR bind-utils-9.9.9P1-63.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_155-94_50-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • dpdk-17.11.4-3 is installed
  • OR dpdk-kmp-default-17.11.4_k4.12.14_94.41-3 is installed
  • OR dpdk-thunderx-17.11.4-3 is installed
  • OR dpdk-thunderx-kmp-default-17.11.4_k4.12.14_94.41-3 is installed
  • OR dpdk-tools-17.11.4-3 is installed
  • OR libdpdk-17_11-17.11.4-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • xen-4.5.5_12-22.18 is installed
  • OR xen-doc-html-4.5.5_12-22.18 is installed
  • OR xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18 is installed
  • OR xen-libs-4.5.5_12-22.18 is installed
  • OR xen-libs-32bit-4.5.5_12-22.18 is installed
  • OR xen-tools-4.5.5_12-22.18 is installed
  • OR xen-tools-domU-4.5.5_12-22.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.31 is installed
  • OR ghostscript-x11-9.27-23.31 is installed
    • BACK