OVAL Reference oval:org.opensuse.security:def:56799 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:56799

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ucode-intel (Important)
Description:	This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release (bsc#1111331) Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the CPU Microcode adjustments for the software mitigations. For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Release notes: - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CLX-SP B1 6-55-7/bf 05000021 Xeon Scalable Gen2 - ---- updated platforms ------------------------------------ - SNB D2/G1/Q0 6-2a-7/12 0000002e->0000002f Core Gen2 - IVB E1/L1 6-3a-9/12 00000020->00000021 Core Gen3 - HSW C0 6-3c-3/32 00000025->00000027 Core Gen4 - BDW-U/Y E0/F0 6-3d-4/c0 0000002b->0000002d Core Gen5 - IVB-E/EP C1/M1/S1 6-3e-4/ed 0000042e->0000042f Core Gen3 X Series; Xeon E5 v2 - IVB-EX D1 6-3e-7/ed 00000714->00000715 Xeon E7 v2 - HSX-E/EP Cx/M1 6-3f-2/6f 00000041->00000043 Core Gen4 X series; Xeon E5 v3 - HSX-EX E0 6-3f-4/80 00000013->00000014 Xeon E7 v3 - HSW-U C0/D0 6-45-1/72 00000024->00000025 Core Gen4 - HSW-H C0 6-46-1/32 0000001a->0000001b Core Gen4 - BDW-H/E3 E0/G0 6-47-1/22 0000001e->00000020 Core Gen5 - SKL-U/Y D0/K1 6-4e-3/c0 000000c6->000000cc Core Gen6 - SKX-SP H0/M0/U0 6-55-4/b7 0200005a->0000005e Xeon Scalable - SKX-D M1 6-55-4/b7 0200005a->0000005e Xeon D-21xx - BDX-DE V1 6-56-2/10 00000019->0000001a Xeon D-1520/40 - BDX-DE V2/3 6-56-3/10 07000016->07000017 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 - BDX-DE Y0 6-56-4/10 0f000014->0f000015 Xeon D-1557/59/67/71/77/81/87 - BDX-NS A0 6-56-5/10 0e00000c->0e00000d Xeon D-1513N/23/33/43/53 - APL D0 6-5c-9/03 00000036->00000038 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx - SKL-H/S R0/N0 6-5e-3/36 000000c6->000000cc Core Gen6; Xeon E3 v5 - DNV B0 6-5f-1/01 00000024->0000002e Atom Processor C Series - GLK B0 6-7a-1/01 0000002c->0000002e Pentium Silver N/J5xxx, Celeron N/J4xxx - AML-Y22 H0 6-8e-9/10 0000009e->000000b4 Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 0000009a->000000b4 Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 0000009e->000000b4 Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4->000000b8 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2->000000b8 Core Gen8 Mobile - KBL-G/H/S/E3 B0 6-9e-9/2a 0000009a->000000b4 Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000aa->000000b4 Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000aa->000000b4 Core Gen8 - CFL-H/S P0 6-9e-c/22 000000a2->000000ae Core Gen9
Family:	unix	Class:	patch
Status:		Reference(s):	1002982 1021417 1023078 1023079 1025013 1025254 1030575 1031481 1031660 1039496 1083125 1085447 1090368 1090646 1111331 1117080 1120644 1122191 1129186 1153674 1154434 1164140 1171823 1172450 1173413 1173416 1173418 1174583 1175070 1175071 1175072 1175484 1176410 1177143 965582 970072 970073 986359 988489 CVE-2008-5519 CVE-2013-1987 CVE-2014-8111 CVE-2015-0840 CVE-2016-0775 CVE-2016-1285 CVE-2016-1286 CVE-2016-3092 CVE-2016-5388 CVE-2016-7969 CVE-2016-7970 CVE-2016-7971 CVE-2016-7972 CVE-2016-9577 CVE-2016-9578 CVE-2017-1000364 CVE-2017-13166 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-17954 CVE-2018-18623 CVE-2018-18624 CVE-2018-18625 CVE-2018-20406 CVE-2018-8781 CVE-2018-8897 CVE-2019-11091 CVE-2019-14287 CVE-2019-15043 CVE-2019-3838 CVE-2019-5010 CVE-2020-10177 CVE-2020-10378 CVE-2020-10744 CVE-2020-10994 CVE-2020-11110 CVE-2020-11985 CVE-2020-11993 CVE-2020-12052 CVE-2020-13379 CVE-2020-1733 CVE-2020-17376 CVE-2020-25219 CVE-2020-26154 CVE-2020-9490 SUSE-SU-2016:0759-1 SUSE-SU-2016:2188-1 SUSE-SU-2016:3107-1 SUSE-SU-2017:0400-1 SUSE-SU-2017:1942-1 SUSE-SU-2018:1528-1 SUSE-SU-2019:0243-1 SUSE-SU-2019:0719-1 SUSE-SU-2019:1235-1 SUSE-SU-2019:2667-1 SUSE-SU-2020:2450-1 SUSE-SU-2020:2900-1 SUSE-SU-2020:2911-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information MozillaFirefox-60.0-lp150.2 is installed OR MozillaFirefox-translations-common-60.0-lp150.2 is installed OR MozillaFirefox-translations-other-60.0-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bluez-5.48-lp151.8.3 is installed OR bluez-auto-enable-devices-5.48-lp151.8.3 is installed OR bluez-cups-5.48-lp151.8.3 is installed OR bluez-devel-5.48-lp151.8.3 is installed OR bluez-devel-32bit-5.48-lp151.8.3 is installed OR bluez-test-5.48-lp151.8.3 is installed OR libbluetooth3-5.48-lp151.8.3 is installed OR libbluetooth3-32bit-5.48-lp151.8.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND ucode-intel-20190507-13.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information tomcat-8.0.32-8 is installed OR tomcat-admin-webapps-8.0.32-8 is installed OR tomcat-docs-webapp-8.0.32-8 is installed OR tomcat-el-3_0-api-8.0.32-8 is installed OR tomcat-javadoc-8.0.32-8 is installed OR tomcat-jsp-2_3-api-8.0.32-8 is installed OR tomcat-lib-8.0.32-8 is installed OR tomcat-servlet-3_1-api-8.0.32-8 is installed OR tomcat-webapps-8.0.32-8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-6-3 is installed OR kgraft-patch-3_12_67-60_64_24-xen-6-3 is installed OR kgraft-patch-SLE12-SP1_Update_11-6-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXext6-1.3.2-3 is installed OR libXext6-32bit-1.3.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20200602-13.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libldap-2_4-2-2.4.41-18.68 is installed OR libldap-2_4-2-32bit-2.4.41-18.68 is installed OR openldap2-2.4.41-18.68 is installed OR openldap2-back-meta-2.4.41-18.68 is installed OR openldap2-client-2.4.41-18.68 is installed OR openldap2-doc-2.4.41-18.68 is installed OR openldap2-ppolicy-check-password-1.2-18.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libnghttp2-14-1.7.1-1 is installed OR libnghttp2-14-32bit-1.7.1-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND sudo-1.8.10p3-10.23 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information dnsmasq-2.78-18.12 is installed OR dnsmasq-utils-2.78-18.12 is installed