Oval Definition:oval:org.opensuse.security:def:57270
Revision Date:2020-12-01Version:1
Title:Security update for Xen and libvirt
Description:



Xen was updated to fix several security issues:

*

CVE-2012-3433: A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host.

*

CVE-2012-3432: A xen HVM guest user mode MMIO emulation DoS was fixed.

*

CVE-2012-2625: The xen pv bootloader doesn't check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash).

Also the following bug in XEN has been fixed:

* bnc#746702 - Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory

This update also included bugfixes for:

*

vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest

*

virt-manager - SLE11-SP2 ONLY

* bnc#764982 - virt-manager fails to start after upgrade to SLES11 SP2 from SLES10

Security Issue reference:

* CVE-2012-3432

Family:unixClass:patch
Status:Reference(s):1002991
1007454
1008519
1009109
1012382
1013285
1013341
1013764
1013767
1014109
1014110
1014111
1014112
1014256
1014514
1016779
1069708
1071471
1075697
1077358
1082943
1088268
1090036
1096723
1098599
1099510
1101288
1102682
1102959
1105323
1105402
1106191
1107829
1107832
1108145
1109137
1109330
1110233
1110286
1117645
1119019
1120691
1121698
1121805
1122821
1124728
1124732
1124735
1125315
1125401
1127155
1127758
1127961
1128166
1128525
1129080
1129179
1138459
1139083
1141853
746702
762484
762963
764982
766283
773393
773401
773955
925502
937125
937339
985657
995352
996004
CVE-2012-3432
CVE-2014-0578
CVE-2014-5044
CVE-2015-2775
CVE-2015-3114
CVE-2015-3115
CVE-2015-3116
CVE-2015-3117
CVE-2015-3118
CVE-2015-3119
CVE-2015-3120
CVE-2015-3121
CVE-2015-3122
CVE-2015-3123
CVE-2015-3124
CVE-2015-3125
CVE-2015-3126
CVE-2015-3127
CVE-2015-3128
CVE-2015-3129
CVE-2015-3130
CVE-2015-3131
CVE-2015-3132
CVE-2015-3133
CVE-2015-3134
CVE-2015-3135
CVE-2015-3136
CVE-2015-3137
CVE-2015-4428
CVE-2015-4429
CVE-2015-4430
CVE-2015-4431
CVE-2015-4432
CVE-2015-4433
CVE-2015-5116
CVE-2015-5117
CVE-2015-5118
CVE-2015-5119
CVE-2015-5276
CVE-2016-3189
CVE-2016-6893
CVE-2016-7103
CVE-2016-7942
CVE-2016-9102
CVE-2016-9103
CVE-2016-9381
CVE-2016-9776
CVE-2016-9845
CVE-2016-9846
CVE-2016-9907
CVE-2016-9908
CVE-2016-9911
CVE-2016-9912
CVE-2016-9913
CVE-2016-9921
CVE-2016-9922
CVE-2017-0861
CVE-2017-15868
CVE-2017-16939
CVE-2018-0618
CVE-2018-1000026
CVE-2018-1000199
CVE-2018-10902
CVE-2018-10938
CVE-2018-13796
CVE-2018-14633
CVE-2018-17182
CVE-2018-20852
CVE-2018-5390
CVE-2018-5950
CVE-2019-10160
CVE-2019-12900
CVE-2019-2024
CVE-2019-6974
CVE-2019-7221
CVE-2019-7222
CVE-2019-8936
CVE-2019-9213
SUSE-SU-2016:3001-1
SUSE-SU-2017:0127-1
SUSE-SU-2017:2351-1
SUSE-SU-2018:0276-1
SUSE-SU-2018:1251-1
SUSE-SU-2018:4296-1
SUSE-SU-2019:0789-1
SUSE-SU-2019:0828-1
SUSE-SU-2019:1955-1
SUSE-SU-2019:2091-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • glibc-2.26-lp150.10 is installed
  • OR glibc-32bit-2.26-lp150.10 is installed
  • OR glibc-extra-2.26-lp150.10 is installed
  • OR glibc-locale-2.26-lp150.10 is installed
  • OR glibc-locale-32bit-2.26-lp150.10 is installed
  • OR nscd-2.26-lp150.10 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-68.0.3618.63-lp151.2.15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libvirt-0.9.6-0.21 is installed
  • OR libvirt-client-0.9.6-0.21 is installed
  • OR libvirt-client-32bit-0.9.6-0.21 is installed
  • OR libvirt-doc-0.9.6-0.21 is installed
  • OR libvirt-python-0.9.6-0.21 is installed
  • OR virt-manager-0.9.0-3.19 is installed
  • OR vm-install-0.5.10-0.5 is installed
  • OR xen-4.1.2_20-0.5 is installed
  • OR xen-doc-html-4.1.2_20-0.5 is installed
  • OR xen-doc-pdf-4.1.2_20-0.5 is installed
  • OR xen-kmp-default-4.1.2_20_3.0.38_0.5-0.5 is installed
  • OR xen-kmp-trace-4.1.2_20_3.0.38_0.5-0.5 is installed
  • OR xen-libs-4.1.2_20-0.5 is installed
  • OR xen-libs-32bit-4.1.2_20-0.5 is installed
  • OR xen-tools-4.1.2_20-0.5 is installed
  • OR xen-tools-domU-4.1.2_20-0.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.481-0.8 is installed
  • OR flash-player-gnome-11.2.202.481-0.8 is installed
  • OR flash-player-kde4-11.2.202.481-0.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_32-default-10-2 is installed
  • OR kgraft-patch-3_12_69-60_64_32-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_13-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • cpp48-4.8.5-30 is installed
  • OR gcc48-4.8.5-30 is installed
  • OR gcc48-32bit-4.8.5-30 is installed
  • OR gcc48-c++-4.8.5-30 is installed
  • OR gcc48-info-4.8.5-30 is installed
  • OR gcc48-locale-4.8.5-30 is installed
  • OR libasan0-4.8.5-30 is installed
  • OR libasan0-32bit-4.8.5-30 is installed
  • OR libstdc++48-devel-4.8.5-30 is installed
  • OR libstdc++48-devel-32bit-4.8.5-30 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • perl-5.18.2-12.14 is installed
  • OR perl-32bit-5.18.2-12.14 is installed
  • OR perl-base-5.18.2-12.14 is installed
  • OR perl-doc-5.18.2-12.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.6_02-43.36 is installed
  • OR xen-doc-html-4.7.6_02-43.36 is installed
  • OR xen-libs-4.7.6_02-43.36 is installed
  • OR xen-libs-32bit-4.7.6_02-43.36 is installed
  • OR xen-tools-4.7.6_02-43.36 is installed
  • OR xen-tools-domU-4.7.6_02-43.36 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR avahi-utils-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND ucode-intel-20190618-13.47 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.58 is installed
  • OR libgcrypt20-1.6.1-16.58 is installed
  • OR libgcrypt20-32bit-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.58 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libssh-0.6.3-12.9 is installed
  • OR libssh4-0.6.3-12.9 is installed
  • OR libssh4-32bit-0.6.3-12.9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND python-XStatic-jquery-ui-1.11.0.1-2.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ansible-2.4.6.0-3.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
  • BACK