OVAL Reference oval:org.opensuse.security:def:56802

Oval Definition:

oval:org.opensuse.security:def:56802

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionaly also use CPU Microcode updates. The mitigation can be controlled via the 'mds' commandline option, see the documentation. For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Security issue fixed: - CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680) Other fixes: - Added code to change LIBXL_HOTPLUG_TIMEOUT at runtime. The included README has details about the impact of this change (bsc#1120095)
Family:	unix	Class:	patch
Status:		Reference(s):	1013533 1013604 1027519 1049483 1055047 1056336 1061075 1061081 1061086 1063123 1068187 1068191 1077559 1077568 1077572 1083125 1085447 1090368 1090646 1111331 1120095 1129180 1130680 1131863 1134156 1140359 1146882 1146884 1149332 1150733 1165784 1171878 1172085 1175664 1175665 1175671 1176013 1177914 971328 984858 985217 986251 991616 CVE-2013-1989 CVE-2013-2066 CVE-2015-1419 CVE-2016-2315 CVE-2016-2324 CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440 CVE-2016-6354 CVE-2016-9576 CVE-2016-9794 CVE-2017-13166 CVE-2017-13672 CVE-2017-15289 CVE-2017-15592 CVE-2017-15595 CVE-2017-15597 CVE-2017-7533 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20815 CVE-2018-6196 CVE-2018-6197 CVE-2018-6198 CVE-2018-8781 CVE-2018-8897 CVE-2019-11091 CVE-2019-12973 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-3689 CVE-2019-3835 CVE-2019-3839 CVE-2020-10029 CVE-2020-15810 CVE-2020-15811 CVE-2020-15999 CVE-2020-24606 SUSE-SU-2016:0796-1 SUSE-SU-2016:2218-1 SUSE-SU-2016:3188-1 SUSE-SU-2017:2042-1 SUSE-SU-2017:3236-1 SUSE-SU-2018:1519-1 SUSE-SU-2019:0776-1 SUSE-SU-2019:2478-1 SUSE-SU-2019:2781-1 SUSE-SU-2020:2471-1 SUSE-SU-2020:2998-1 SUSE-SU-2020:3024-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information NetworkManager-applet-1.8.10-lp150.3 is installed OR NetworkManager-applet-lang-1.8.10-lp150.3 is installed OR NetworkManager-connection-editor-1.8.10-lp150.3 is installed OR libnm-gtk0-1.8.10-lp150.3 is installed OR libnma0-1.8.10-lp150.3 is installed OR nma-data-1.8.10-lp150.3 is installed OR typelib-1_0-NMGtk-1_0-1.8.10-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information GraphicsMagick-1.3.29-lp151.4.3 is installed OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information xen-4.9.4_04-3.53 is installed OR xen-libs-4.9.4_04-3.53 is installed OR xen-libs-32bit-4.9.4_04-3.53 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libmysqlclient18-10.0.26-9 is installed OR libmysqlclient18-32bit-10.0.26-9 is installed OR mariadb-10.0.26-9 is installed OR mariadb-client-10.0.26-9 is installed OR mariadb-errormessages-10.0.26-9 is installed OR mariadb-tools-10.0.26-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.51 is installed OR kernel-default-base-3.12.74-60.64.51 is installed OR kernel-default-devel-3.12.74-60.64.51 is installed OR kernel-default-man-3.12.74-60.64.51 is installed OR kernel-devel-3.12.74-60.64.51 is installed OR kernel-macros-3.12.74-60.64.51 is installed OR kernel-source-3.12.74-60.64.51 is installed OR kernel-syms-3.12.74-60.64.51 is installed OR kernel-xen-3.12.74-60.64.51 is installed OR kernel-xen-base-3.12.74-60.64.51 is installed OR kernel-xen-devel-3.12.74-60.64.51 is installed OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information qemu-2.6.2-41.40 is installed OR qemu-block-curl-2.6.2-41.40 is installed OR qemu-block-rbd-2.6.2-41.40 is installed OR qemu-block-ssh-2.6.2-41.40 is installed OR qemu-guest-agent-2.6.2-41.40 is installed OR qemu-ipxe-1.0.0-41.40 is installed OR qemu-kvm-2.6.2-41.40 is installed OR qemu-lang-2.6.2-41.40 is installed OR qemu-seabios-1.9.1-41.40 is installed OR qemu-sgabios-8-41.40 is installed OR qemu-tools-2.6.2-41.40 is installed OR qemu-vgabios-1.9.1-41.40 is installed OR qemu-x86-2.6.2-41.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND yast2-smt-3.0.14-17.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXi6-1.7.4-17 is installed OR libXi6-32bit-1.7.4-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information adns-1.4-103.3 is installed OR libadns1-1.4-103.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.8.0-109.119 is installed OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2p-2 is installed OR libopenssl1_0_0-1.0.2p-2 is installed OR libopenssl1_0_0-32bit-1.0.2p-2 is installed OR libopenssl1_0_0-hmac-1.0.2p-2 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2p-2 is installed OR openssl-1_0_0-1.0.2p-2 is installed OR openssl-1_0_0-doc-1.0.2p-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-cryptography-2.0.3-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-core-branding-upstream-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-ha-6.0+git.1574286261.6fd1a34-3.13 is installed OR crowbar-openstack-6.0+git.1580922461.67fb3c087-3.19 is installed OR crowbar-ui-1.3.0+git.1575896697.a01a3a08-17 is installed OR keepalived-2.0.19-3.3 is installed OR openstack-barbican-7.0.1~dev24-3.6 is installed OR openstack-barbican-api-7.0.1~dev24-3.6 is installed OR openstack-barbican-keystone-listener-7.0.1~dev24-3.6 is installed OR openstack-barbican-retry-7.0.1~dev24-3.6 is installed OR openstack-barbican-worker-7.0.1~dev24-3.6 is installed OR openstack-ceilometer-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-central-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-polling-11.0.2~dev21-3.10 is installed OR openstack-cinder-13.0.9~dev11-3.16 is installed OR openstack-cinder-api-13.0.9~dev11-3.16 is installed OR openstack-cinder-backup-13.0.9~dev11-3.16 is installed OR openstack-cinder-scheduler-13.0.9~dev11-3.16 is installed OR openstack-cinder-volume-13.0.9~dev11-3.16 is installed OR openstack-dashboard-14.1.1~dev1-3.12 is installed OR openstack-dashboard-theme-SUSE-2018.2+git.1555335229.5c8dec9-3.3 is installed OR openstack-designate-7.0.1~dev23-3.13 is installed OR openstack-designate-agent-7.0.1~dev23-3.13 is installed OR openstack-designate-api-7.0.1~dev23-3.13 is installed OR openstack-designate-central-7.0.1~dev23-3.13 is installed OR openstack-designate-producer-7.0.1~dev23-3.13 is installed OR openstack-designate-sink-7.0.1~dev23-3.13 is installed OR openstack-designate-worker-7.0.1~dev23-3.13 is installed OR openstack-heat-11.0.3~dev31-3.13 is installed OR openstack-heat-api-11.0.3~dev31-3.13 is installed OR openstack-heat-api-cfn-11.0.3~dev31-3.13 is installed OR openstack-heat-engine-11.0.3~dev31-3.13 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev31-3.13 is installed OR openstack-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR openstack-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR openstack-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR openstack-ironic-11.1.4~dev22-3.13 is installed OR openstack-ironic-api-11.1.4~dev22-3.13 is installed OR openstack-ironic-conductor-11.1.4~dev22-3.13 is installed OR openstack-ironic-python-agent-3.3.3~dev6-3.13 is installed OR openstack-keystone-14.1.1~dev36-3.19 is installed OR openstack-magnum-7.2.1~dev1-3.10 is installed OR openstack-magnum-api-7.2.1~dev1-3.10 is installed OR openstack-magnum-conductor-7.2.1~dev1-3.10 is installed OR openstack-monasca-agent-2.8.1~dev13-3.6 is installed OR openstack-neutron-13.0.7~dev48-3.19 is installed OR openstack-neutron-dhcp-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-fwaas-13.0.3~dev4-3.9 is installed OR openstack-neutron-gbp-5.0.1~dev491-3.16 is installed OR openstack-neutron-ha-tool-13.0.7~dev48-3.19 is installed OR openstack-neutron-l3-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-linuxbridge-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-macvtap-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metadata-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metering-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-openvswitch-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-server-13.0.7~dev48-3.19 is installed OR openstack-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR openstack-neutron-vyatta-agent-13.0.2~dev6-3.6 is installed OR openstack-nova-18.2.4~dev63-3.19 is installed OR openstack-nova-api-18.2.4~dev63-3.19 is installed OR openstack-nova-cells-18.2.4~dev63-3.19 is installed OR openstack-nova-compute-18.2.4~dev63-3.19 is installed OR openstack-nova-conductor-18.2.4~dev63-3.19 is installed OR openstack-nova-console-18.2.4~dev63-3.19 is installed OR openstack-nova-novncproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-placement-api-18.2.4~dev63-3.19 is installed OR openstack-nova-scheduler-18.2.4~dev63-3.19 is installed OR openstack-nova-serialproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-vncproxy-18.2.4~dev63-3.19 is installed OR openstack-octavia-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-agent-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-image-0.1.2-7.6 is installed OR openstack-octavia-amphora-image-x86_64-0.1.2-7.6 is installed OR openstack-octavia-api-3.2.2~dev8-3.19 is installed OR openstack-octavia-health-manager-3.2.2~dev8-3.19 is installed OR openstack-octavia-housekeeping-3.2.2~dev8-3.19 is installed OR openstack-octavia-worker-3.2.2~dev8-3.19 is installed OR openstack-sahara-9.0.2~dev15-3.9 is installed OR openstack-sahara-api-9.0.2~dev15-3.9 is installed OR openstack-sahara-engine-9.0.2~dev15-3.9 is installed OR openstack-swift-2.19.2~dev48-3.3 is installed OR openstack-swift-account-2.19.2~dev48-3.3 is installed OR openstack-swift-container-2.19.2~dev48-3.3 is installed OR openstack-swift-object-2.19.2~dev48-3.3 is installed OR openstack-swift-proxy-2.19.2~dev48-3.3 is installed OR python-amqp-2.4.2-4.3 is installed OR python-barbican-7.0.1~dev24-3.6 is installed OR python-ceilometer-11.0.2~dev21-3.10 is installed OR python-cinder-13.0.9~dev11-3.16 is installed OR python-designate-7.0.1~dev23-3.13 is installed OR python-heat-11.0.3~dev31-3.13 is installed OR python-horizon-14.1.1~dev1-3.12 is installed OR python-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR python-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR python-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR python-ironic-11.1.4~dev22-3.13 is installed OR python-ironic-lib-2.14.2-3.3 is installed OR python-keystone-14.1.1~dev36-3.19 is installed OR python-keystoneauth1-3.10.1~dev10-3.3 is installed OR python-keystoneclient-3.17.1~dev5-3.3 is installed OR python-keystoneclient-doc-3.17.1~dev5-3.3 is installed OR python-keystonemiddleware-5.2.2~dev3-14 is installed OR python-magnum-7.2.1~dev1-3.10 is installed OR python-monasca-agent-2.8.1~dev13-3.6 is installed OR python-neutron-13.0.7~dev48-3.19 is installed OR python-neutron-fwaas-13.0.3~dev4-3.9 is installed OR python-neutron-gbp-5.0.1~dev491-3.16 is installed OR python-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR python-nova-18.2.4~dev63-3.19 is installed OR python-octavia-3.2.2~dev8-3.19 is installed OR python-openstack_auth-14.1.1~dev1-3.12 is installed OR python-ovs-2.9.0-3.3 is installed OR python-sahara-9.0.2~dev15-3.9 is installed OR python-swift-2.19.2~dev48-3.3 is installed OR ruby2.1-rubygem-crowbar-client-3.9.1-3.3 is installed OR ruby2.1-rubygem-puma-2.16.0-4.3 is installed OR rubygem-crowbar-client-3.9.1-3.3 is installed OR rubygem-puma-2.16.0-4.3 is installed OR supportutils-plugin-suse-openstack-cloud-9.0.1574431436.987b47d-3.6 is installed

BACK