Oval Definition:	oval:org.opensuse.security:def:56785
Revision Date: 2020-12-01 Version: 1 Title: Security update for libvirt (Moderate) Description: This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458). - CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). Other issue addressed: - cpu: add Skylake-Server and Skylake-Server-IBRS CPU models (FATE#327261, bsc#1131955) - libxl: save current memory value after successful balloon (bsc#1120813). - libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller (bsc#1126325). - conf: add new 'xenbus' controller type Family: unix Class: patch Status: Reference(s): 1005522 1005523 1005524 1005525 1005526 1005527 1005528 1038505 1046554 1046555 1063671 1064392 1066471 1066472 1092100 1120813 1121753 1126325 1127458 1131595 1131955 1138459 1139945 1141322 1141853 1158527 1159819 1164860 1168994 1173144 1174117 1175626 1175656 964845 964847 964849 991444 991445 991872 CVE-2009-0790 CVE-2009-1720 CVE-2009-1721 CVE-2012-2388 CVE-2013-2944 CVE-2013-5018 CVE-2013-6075 CVE-2013-6076 CVE-2014-2338 CVE-2014-9221 CVE-2015-4171 CVE-2015-8023 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-5010 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-6491 CVE-2016-6520 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-13080 CVE-2017-15649 CVE-2017-3142 CVE-2017-3143 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-20852 CVE-2019-10160 CVE-2019-11745 CVE-2019-12781 CVE-2019-17006 CVE-2019-3840 CVE-2019-3886 CVE-2020-10713 CVE-2020-13935 CVE-2020-1935 CVE-2020-8163 SUSE-SU-2016:0455-1 SUSE-SU-2016:2076-1 SUSE-SU-2016:2953-1 SUSE-SU-2017:1386-1 SUSE-SU-2017:1736-1 SUSE-SU-2017:3127-1 SUSE-SU-2019:0450-1 SUSE-SU-2019:1042-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2379-1 SUSE-SU-2020:0088-1 SUSE-SU-2020:2140-1 SUSE-SU-2020:2611-1 SUSE-SU-2020:2628-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information MozillaFirefox-60.0-lp150.2 is installed OR MozillaFirefox-translations-common-60.0-lp150.2 is installed OR MozillaFirefox-translations-other-60.0-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND bubblewrap-0.3.3-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libvirt-3.3.0-5.30 is installed OR libvirt-admin-3.3.0-5.30 is installed OR libvirt-client-3.3.0-5.30 is installed OR libvirt-daemon-3.3.0-5.30 is installed OR libvirt-daemon-config-network-3.3.0-5.30 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.30 is installed OR libvirt-daemon-driver-interface-3.3.0-5.30 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.30 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.30 is installed OR libvirt-daemon-driver-network-3.3.0-5.30 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.30 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.30 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.30 is installed OR libvirt-daemon-driver-secret-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.30 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.30 is installed OR libvirt-daemon-lxc-3.3.0-5.30 is installed OR libvirt-daemon-qemu-3.3.0-5.30 is installed OR libvirt-daemon-xen-3.3.0-5.30 is installed OR libvirt-doc-3.3.0-5.30 is installed OR libvirt-libs-3.3.0-5.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR libMagickCore-6_Q16-1-6.8.8.1-33 is installed OR libMagickWand-6_Q16-1-6.8.8.1-33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libIlmImf-Imf_2_1-21-2.1.0-4 is installed OR openexr-2.1.0-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180807-13.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND kdump-0.8.16-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information liblouis-data-2.6.4-6.6 is installed OR liblouis9-2.6.4-6.6 is installed OR python-louis-2.6.4-6.6 is installed OR python3-louis-2.6.4-6.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-Django-1.8.19-3.18 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-urllib3-1.23-3.6 is installed
BACK