OVAL Reference oval:org.opensuse.security:def:56954

Oval Definition:

oval:org.opensuse.security:def:56954

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionaly also use CPU Microcode updates. The mitigation can be controlled via the 'mds' commandline option, see the documentation. For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Security issue fixed: - CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680) Other fixes: - Added code to change LIBXL_HOTPLUG_TIMEOUT at runtime. The included README has details about the impact of this change (bsc#1120095) - Fixes in Live migrating PV domUs An earlier change broke live migration of PV domUs without a device model. The migration would stall for 10 seconds while the domU was paused, which caused network connections to drop. Fix this by tracking the need for a device model within libxl. (bsc#1079730, bsc#1098403, bsc#1111025)
Family:	unix	Class:	patch
Status:		Reference(s):	1015964 1020983 1027519 1033466 1033467 1033468 1044995 1051510 1053431 1055117 1058425 1063671 1064392 1066471 1066472 1071995 1079730 1081741 1083647 1083710 1097356 1098403 1102247 1103411 1111025 1111331 1111666 1115339 1118319 1118320 1119222 1120095 1121571 1121816 1121818 1121821 1123080 1127034 1127315 1129770 1130680 1130972 1133021 1134097 1134390 1134399 1135335 1135642 1136896 1137458 1137534 1137535 1137584 1137609 1137811 1137827 1139358 1140133 1140139 1140322 1140652 1140887 1140888 1140889 1140891 1140893 1140903 1140945 1140954 1140955 1140956 1140957 1140958 1140959 1140960 1140961 1140962 1140964 1140971 1140972 1140992 1141401 1141402 1141452 1141453 1141454 1141478 1142023 1142112 1142220 1142221 1142254 1142350 1142351 1142354 1142359 1142450 1142701 1142868 1143003 1143045 1143105 1143185 1143189 1143191 1143507 1167890 1168930 1176579 729190 932483 945484 945493 947458 948902 960414 961368 962313 965576 970632 975865 986631 986639 987866 989528 CVE-2013-3571 CVE-2014-0019 CVE-2014-2892 CVE-2015-4000 CVE-2015-8325 CVE-2016-1908 CVE-2016-2775 CVE-2016-3115 CVE-2016-5824 CVE-2016-5827 CVE-2016-6170 CVE-2016-9584 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10115 CVE-2017-10116 CVE-2017-10125 CVE-2017-10243 CVE-2017-13080 CVE-2017-14482 CVE-2017-15649 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 CVE-2018-1050 CVE-2018-10858 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20685 CVE-2018-20815 CVE-2018-20855 CVE-2018-5848 CVE-2018-9568 CVE-2019-11091 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-1472 CVE-2020-5260 SUSE-SU-2016:1386-1 SUSE-SU-2017:0998-1 SUSE-SU-2017:1989-1 SUSE-SU-2017:2263-1 SUSE-SU-2017:2280-1 SUSE-SU-2017:2529-1 SUSE-SU-2017:3124-1 SUSE-SU-2018:2339-1 SUSE-SU-2019:0132-1 SUSE-SU-2019:2072-1 SUSE-SU-2020:0992-1 SUSE-SU-2020:2724-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libgif7-5.1.4-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libsvn_auth_gnome_keyring-1-0-1.10.6-lp151.4.3 is installed OR libsvn_auth_kwallet-1-0-1.10.6-lp151.4.3 is installed OR subversion-1.10.6-lp151.4.3 is installed OR subversion-bash-completion-1.10.6-lp151.4.3 is installed OR subversion-devel-1.10.6-lp151.4.3 is installed OR subversion-perl-1.10.6-lp151.4.3 is installed OR subversion-python-1.10.6-lp151.4.3 is installed OR subversion-python-ctypes-1.10.6-lp151.4.3 is installed OR subversion-ruby-1.10.6-lp151.4.3 is installed OR subversion-server-1.10.6-lp151.4.3 is installed OR subversion-tools-1.10.6-lp151.4.3 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information xen-4.11.1_06-2.11 is installed OR xen-libs-4.11.1_06-2.11 is installed OR xen-libs-32bit-4.11.1_06-2.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information openssh-6.6p1-42 is installed OR openssh-askpass-gnome-6.6p1-42 is installed OR openssh-fips-6.6p1-42 is installed OR openssh-helpers-6.6p1-42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information emacs-24.3-25.3 is installed OR emacs-el-24.3-25.3 is installed OR emacs-info-24.3-25.3 is installed OR emacs-nox-24.3-25.3 is installed OR emacs-x11-24.3-25.3 is installed OR etags-24.3-25.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND libmms0-0.6.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-60.3.0-109.50 is installed OR MozillaFirefox-devel-60.3.0-109.50 is installed OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dbus-1-glib-0.100.2-3 is installed OR dbus-1-glib-32bit-0.100.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information exempi-2.2.1-5.7 is installed OR libexempi3-2.2.1-5.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information tomcat-9.0.12-1 is installed OR tomcat-admin-webapps-9.0.12-1 is installed OR tomcat-docs-webapp-9.0.12-1 is installed OR tomcat-el-3_0-api-9.0.12-1 is installed OR tomcat-javadoc-9.0.12-1 is installed OR tomcat-jsp-2_3-api-9.0.12-1 is installed OR tomcat-lib-9.0.12-1 is installed OR tomcat-servlet-4_0-api-9.0.12-1 is installed OR tomcat-webapps-9.0.12-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed OR rubygem-activejob-4_2-4.2.9-3.6 is installed

BACK