Oval Definition:	oval:org.opensuse.security:def:56952
Revision Date: 2020-12-01 Version: 1 Title: Security update for qemu (Important) Description: This update for qemu fixes the following issues: - CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (bsc#1126455) - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface (bsc#1125721) - CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature 'md-clear' (bsc#1111331) Other bugs fixed: - Use a new approach to handling the file input to -smbios option, which accepts either legacy or per-spec formats regardless of the machine type. - Drop the 'ampersand 0x25 shift altgr' line in pt-br keymap file (bsc#1129962) Family: unix Class: patch Status: Reference(s): 1005480 1005893 1006221 1012382 1016366 1016368 1016369 1016370 1023616 1024051 1024908 1034113 1043055 1043485 1048576 1049086 1056278 1056280 1056281 1056282 1063671 1064392 1066471 1066472 1068032 1073311 1080157 1080533 1082632 1082858 1087231 1087659 1087906 1093158 1094268 1096748 1100152 1101410 1101412 1101654 1103040 1103186 1106913 1109772 1111331 1112178 1113399 1115375 1116841 1118319 1118320 1118338 1119019 1122822 1124832 1125580 1125721 1126455 1129279 1129622 1129962 1130675 1131416 1131427 1131587 1132673 1132828 1133188 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 1168630 1176262 959886 960158 963230 965897 967122 970423 970860 972612 972727 973848 976766 978275 CVE-2014-5461 CVE-2014-9770 CVE-2015-5185 CVE-2015-8842 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-8636 CVE-2016-8858 CVE-2017-10978 CVE-2017-10983 CVE-2017-10984 CVE-2017-10985 CVE-2017-10987 CVE-2017-10988 CVE-2017-13080 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 CVE-2017-15649 CVE-2017-17741 CVE-2017-18174 CVE-2017-5838 CVE-2017-9788 CVE-2018-0360 CVE-2018-0361 CVE-2018-1000085 CVE-2018-1091 CVE-2018-1120 CVE-2018-1128 CVE-2018-1129 CVE-2018-12126 CVE-2018-12126 CVE-2018-12127 CVE-2018-12127 CVE-2018-12130 CVE-2018-12130 CVE-2018-14679 CVE-2018-19407 CVE-2018-20815 CVE-2018-9568 CVE-2019-11091 CVE-2019-11091 CVE-2019-11486 CVE-2019-20916 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-3812 CVE-2019-3882 CVE-2019-7317 CVE-2019-8564 CVE-2019-8934 CVE-2019-9503 CVE-2019-9824 CVE-2020-6819 CVE-2020-6820 SUSE-SU-2016:1346-1 SUSE-SU-2017:0264-1 SUSE-SU-2017:0967-1 SUSE-SU-2017:1961-1 SUSE-SU-2017:2243-1 SUSE-SU-2017:2466-1 SUSE-SU-2017:3118-1 SUSE-SU-2018:2323-1 SUSE-SU-2019:1238-1 SUSE-SU-2019:1287-1 SUSE-SU-2019:2036-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:2698-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.0 NonFree openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libgcrypt20-1.8.2-lp150.4 is installed OR libgcrypt20-32bit-1.8.2-lp150.4 is installed Definition Synopsis openSUSE Leap 15.0 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information nodejs8-8.15.1-lp151.2.3 is installed OR nodejs8-devel-8.15.1-lp151.2.3 is installed OR nodejs8-docs-8.15.1-lp151.2.3 is installed OR npm8-8.15.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information qemu-2.11.2-5.13 is installed OR qemu-block-curl-2.11.2-5.13 is installed OR qemu-ipxe-1.0.0+-5.13 is installed OR qemu-kvm-2.11.2-5.13 is installed OR qemu-seabios-1.11.0-5.13 is installed OR qemu-sgabios-8-5.13 is installed OR qemu-tools-2.11.2-5.13 is installed OR qemu-vgabios-1.11.0-5.13 is installed OR qemu-x86-2.11.2-5.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libgudev-1_0-0-210-104 is installed OR libgudev-1_0-0-32bit-210-104 is installed OR libudev1-210-104 is installed OR libudev1-32bit-210-104 is installed OR systemd-210-104 is installed OR systemd-32bit-210-104 is installed OR systemd-bash-completion-210-104 is installed OR systemd-sysvinit-210-104 is installed OR udev-210-104 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_16-22.28 is installed OR xen-doc-html-4.5.5_16-22.28 is installed OR xen-kmp-default-4.5.5_16_k3.12.74_60.64.57-22.28 is installed OR xen-libs-4.5.5_16-22.28 is installed OR xen-libs-32bit-4.5.5_16-22.28 is installed OR xen-tools-4.5.5_16-22.28 is installed OR xen-tools-domU-4.5.5_16-22.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information liblua5_2-5.2.2-4 is installed OR liblua5_2-32bit-5.2.2-4 is installed OR lua-5.2.2-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libwireshark9-2.4.10-48.32 is installed OR libwiretap7-2.4.10-48.32 is installed OR libwscodecs1-2.4.10-48.32 is installed OR libwsutil8-2.4.10-48.32 is installed OR wireshark-2.4.10-48.32 is installed OR wireshark-gtk-2.4.10-48.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20191112-13.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information tomcat-8.0.53-29.16 is installed OR tomcat-admin-webapps-8.0.53-29.16 is installed OR tomcat-docs-webapp-8.0.53-29.16 is installed OR tomcat-el-3_0-api-8.0.53-29.16 is installed OR tomcat-javadoc-8.0.53-29.16 is installed OR tomcat-jsp-2_3-api-8.0.53-29.16 is installed OR tomcat-lib-8.0.53-29.16 is installed OR tomcat-servlet-3_1-api-8.0.53-29.16 is installed OR tomcat-webapps-8.0.53-29.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND tcpdump-4.9.2-14.5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information kernel-default-4.4.121-92.109 is installed OR kernel-default-base-4.4.121-92.109 is installed OR kernel-default-devel-4.4.121-92.109 is installed OR kernel-default-man-4.4.121-92.109 is installed OR kernel-devel-4.4.121-92.109 is installed OR kernel-macros-4.4.121-92.109 is installed OR kernel-source-4.4.121-92.109 is installed OR kernel-syms-4.4.121-92.109 is installed OR kgraft-patch-4_4_121-92_109-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_29-1-3.5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-SQLAlchemy-1.2.10-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed
BACK