Oval Definition:	oval:org.opensuse.security:def:56737
Revision Date: 2020-12-01 Version: 1 Title: Security update for libvirt (Important) Description: This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init (bsc#1080042). - CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625). Non-security issues fixed in libvirt: - bsc#1070615: Fixed TPM device passthrough failure on kernels >= 4.0. - bsc#1082041: SUSE Linux Enterprise 11 SP4 hvm converted to pvhvm. Unless vm memory is on gig boundary, vm won't boot. - bsc#1082161: Unable to change RTC basis or adjustment for Xen HVM guests using libvirt. Non-security issues fixed in virt-manager: - bsc#1086038: VM guests cannot be properly installed with virt-install - bsc#1067018: KVM Guest creation failed - Property .cmt not found - bsc#1054986: Fix openSUSE 15.0 detection. It has no content file or .treeinfo file - bsc#1085757: Fallback to latest version of openSUSE when opensuse-unknown is detected for the ISO Family: unix Class: patch Status: Reference(s): 1005023 1005522 1005523 1005524 1005525 1005526 1005527 1005528 1015203 1022804 1027038 1031240 1034862 1052311 1052368 1054986 1066674 1067018 1070615 1071021 1076696 1079869 1080042 1082041 1082161 1083625 1085757 1086038 1086535 1091171 1094825 1100001 1101591 1102517 1103097 1104475 1105025 1105296 1106913 1107829 1108498 1110768 1111331 1111516 1113751 1113769 1114648 1114920 1114981 1115007 1115038 1115518 1116345 1116841 1118152 1118319 1119714 1119946 1119971 1120323 1120743 1120758 1121621 1122015 1123161 1124010 1124728 1124732 1124735 1126890 1128166 1131416 1131427 1132828 1133188 1133375 1153451 1153459 1159478 1159479 1159482 1159486 1170771 1171252 1171254 1172265 949520 972468 988651 998309 CVE-2009-0368 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2010-4523 CVE-2016-0636 CVE-2016-10741 CVE-2016-2183 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-6662 CVE-2017-1000112 CVE-2017-1000407 CVE-2017-16533 CVE-2017-5715 CVE-2017-7273 CVE-2017-7472 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-1064 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-14633 CVE-2018-15572 CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 CVE-2018-16884 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-19407 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-5391 CVE-2018-6764 CVE-2018-9516 CVE-2018-9568 CVE-2019-11091 CVE-2019-11486 CVE-2019-17041 CVE-2019-17042 CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2019-3459 CVE-2019-3460 CVE-2019-3882 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-8564 CVE-2019-9213 CVE-2019-9503 CVE-2019-9928 CVE-2020-12243 CVE-2020-12653 CVE-2020-12654 SUSE-SU-2016:0959-1 SUSE-SU-2016:2404-1 SUSE-SU-2016:2887-1 SUSE-SU-2017:0720-1 SUSE-SU-2017:2440-1 SUSE-SU-2018:0920-1 SUSE-SU-2019:0135-1 SUSE-SU-2019:1289-1 SUSE-SU-2019:1600-1 SUSE-SU-2020:0016-1 SUSE-SU-2020:1193-1 SUSE-SU-2020:1612-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information emacs-25.3-lp150.1 is installed OR emacs-info-25.3-lp150.1 is installed OR emacs-nox-25.3-lp150.1 is installed OR etags-25.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND tcpdump-4.9.2-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libvirt-3.3.0-5.19 is installed OR libvirt-admin-3.3.0-5.19 is installed OR libvirt-client-3.3.0-5.19 is installed OR libvirt-daemon-3.3.0-5.19 is installed OR libvirt-daemon-config-network-3.3.0-5.19 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.19 is installed OR libvirt-daemon-driver-interface-3.3.0-5.19 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.19 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.19 is installed OR libvirt-daemon-driver-network-3.3.0-5.19 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.19 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.19 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.19 is installed OR libvirt-daemon-driver-secret-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.19 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.19 is installed OR libvirt-daemon-lxc-3.3.0-5.19 is installed OR libvirt-daemon-qemu-3.3.0-5.19 is installed OR libvirt-daemon-xen-3.3.0-5.19 is installed OR libvirt-doc-3.3.0-5.19 is installed OR libvirt-libs-3.3.0-5.19 is installed OR virt-install-1.4.1-5.8 is installed OR virt-manager-1.4.1-5.8 is installed OR virt-manager-common-1.4.1-5.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libmysqlclient18-10.0.27-12 is installed OR libmysqlclient18-32bit-10.0.27-12 is installed OR mariadb-10.0.27-12 is installed OR mariadb-client-10.0.27-12 is installed OR mariadb-errormessages-10.0.27-12 is installed OR mariadb-tools-10.0.27-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_32-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_32-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_13-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information evince-3.20.1-5 is installed OR evince-browser-plugin-3.20.1-5 is installed OR evince-lang-3.20.1-5 is installed OR evince-plugin-djvudocument-3.20.1-5 is installed OR evince-plugin-dvidocument-3.20.1-5 is installed OR evince-plugin-pdfdocument-3.20.1-5 is installed OR evince-plugin-psdocument-3.20.1-5 is installed OR evince-plugin-tiffdocument-3.20.1-5 is installed OR evince-plugin-xpsdocument-3.20.1-5 is installed OR libevdocument3-4-3.20.1-5 is installed OR libevview3-3-3.20.1-5 is installed OR nautilus-evince-3.20.1-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180703-13.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND yast2-smt-3.0.14-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information evince-3.20.1-5 is installed OR evince-browser-plugin-3.20.1-5 is installed OR evince-lang-3.20.1-5 is installed OR evince-plugin-djvudocument-3.20.1-5 is installed OR evince-plugin-dvidocument-3.20.1-5 is installed OR evince-plugin-pdfdocument-3.20.1-5 is installed OR evince-plugin-psdocument-3.20.1-5 is installed OR evince-plugin-tiffdocument-3.20.1-5 is installed OR evince-plugin-xpsdocument-3.20.1-5 is installed OR libevdocument3-4-3.20.1-5 is installed OR libevview3-3-3.20.1-5 is installed OR nautilus-evince-3.20.1-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXvnc1-1.6.0-18.23 is installed OR tigervnc-1.6.0-18.23 is installed OR xorg-x11-Xvnc-1.6.0-18.23 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information rsyslog-8.4.0-13.8 is installed OR rsyslog-diag-tools-8.4.0-13.8 is installed OR rsyslog-doc-8.4.0-13.8 is installed OR rsyslog-module-gssapi-8.4.0-13.8 is installed OR rsyslog-module-gtls-8.4.0-13.8 is installed OR rsyslog-module-mysql-8.4.0-13.8 is installed OR rsyslog-module-pgsql-8.4.0-13.8 is installed OR rsyslog-module-relp-8.4.0-13.8 is installed OR rsyslog-module-snmp-8.4.0-13.8 is installed OR rsyslog-module-udpspoof-8.4.0-13.8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information gstreamer-plugins-base-1.8.3-13.3 is installed OR gstreamer-plugins-base-lang-1.8.3-13.3 is installed OR libgstallocators-1_0-0-1.8.3-13.3 is installed OR libgstapp-1_0-0-1.8.3-13.3 is installed OR libgstapp-1_0-0-32bit-1.8.3-13.3 is installed OR libgstaudio-1_0-0-1.8.3-13.3 is installed OR libgstaudio-1_0-0-32bit-1.8.3-13.3 is installed OR libgstfft-1_0-0-1.8.3-13.3 is installed OR libgstpbutils-1_0-0-1.8.3-13.3 is installed OR libgstpbutils-1_0-0-32bit-1.8.3-13.3 is installed OR libgstriff-1_0-0-1.8.3-13.3 is installed OR libgstrtp-1_0-0-1.8.3-13.3 is installed OR libgstrtsp-1_0-0-1.8.3-13.3 is installed OR libgstsdp-1_0-0-1.8.3-13.3 is installed OR libgsttag-1_0-0-1.8.3-13.3 is installed OR libgsttag-1_0-0-32bit-1.8.3-13.3 is installed OR libgstvideo-1_0-0-1.8.3-13.3 is installed OR libgstvideo-1_0-0-32bit-1.8.3-13.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-cryptography-2.0.3-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information xen-4.9.4_10-3.71 is installed OR xen-doc-html-4.9.4_10-3.71 is installed OR xen-libs-4.9.4_10-3.71 is installed OR xen-libs-32bit-4.9.4_10-3.71 is installed OR xen-tools-4.9.4_10-3.71 is installed OR xen-tools-domU-4.9.4_10-3.71 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.6 is installed OR rubygem-actionview-4_2-4.2.9-9.6 is installed
BACK