OVAL Reference oval:org.opensuse.security:def:57274

Oval Definition:

oval:org.opensuse.security:def:57274

Revision Date:	2020-12-01	Version:	1
Title:	Security update for Xen
Description:	XEN has been updated to version 4.1.6 which fixes various bugs and security issues. * * CVE-2013-4416: XSA-72: Fixed ocaml xenstored that mishandled oversized message replies. * CVE-2013-4355: XSA-63: Fixed information leaks through I/O instruction emulation * CVE-2013-4361: XSA-66: Fixed information leak through fbld instruction emulation * CVE-2013-4368: XSA-67: Fixed information leak through outs instruction emulation * CVE-2013-1442: XSA-62: Fixed information leak on AVX and/or LWP capable CPUs * CVE-2013-4329: XSA-61: libxl partially sets up HVM passthrough even with disabled iommu * CVE-2013-1432: XSA-58: x86: fix page refcount handling in page table pin error path * CVE-2013-2211: XSA-57: libxl allows guest write access to sensitive console related xenstore keys * xen: XSA-55: Multiple vulnerabilities in libelf PV kernel handling (CVE-2013-2194 CVE-2013-2195 CVE-2013-2196) Various bugs have also been fixed: * Improvements to block-dmmd script (bnc#828623) * MTU size on Dom0 gets reset when booting DomU with e1000 device (bnc#840196) * In HP's UEFI x86_64 platform and with xen environment, in booting stage ,xen hypervisor will panic. (bnc#833251) * Xen: migration broken from xsave-capable to xsave-incapable host (bnc#833796) * In xen, 'shutdown -y 0 -h' cannot power off system (bnc#834751) * In HP's UEFI x86_64 platform and sles11sp3 with xen environment, xen hypervisor will panic on multiple blades nPar. (bnc#839600) * Failed to setup devices for vm instance when start multiple vms simultaneously (bnc#824676) * migrate.py support of short options dropped by PTF (bnc#824676) * after live migration rcu_sched_state detected stalls add new option xm migrate --min_remaing (bnc#803712) * various upstream fixes have been included Security Issue references: * CVE-2013-1432 * CVE-2013-1442 * CVE-2013-2194 * CVE-2013-2195 * CVE-2013-2196 * CVE-2013-2211 * CVE-2013-4329 * CVE-2013-4355 * CVE-2013-4361 * CVE-2013-4368 * CVE-2013-4416
Family:	unix	Class:	patch
Status:		Reference(s):	1012964 1015499 1015547 1021636 1026102 1030071 1035082 1037811 1040543 1041447 1041470 1047002 1055962 1061310 1081557 1088268 1090036 1097560 1105437 1105459 1105460 1107832 1110233 1111622 1130721 1135902 1140402 1143794 803712 823011 823608 823786 824676 826882 828623 833251 833796 834751 839596 839600 839618 840196 840592 841766 842511 845520 950169 968849 977043 983639 993302 993313 CVE-2009-0163 CVE-2009-2820 CVE-2009-3553 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2941 CVE-2012-5519 CVE-2012-6094 CVE-2013-1432 CVE-2013-1442 CVE-2013-2194 CVE-2013-2195 CVE-2013-2196 CVE-2013-2211 CVE-2013-4329 CVE-2013-4355 CVE-2013-4361 CVE-2013-4368 CVE-2013-4416 CVE-2014-2856 CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 CVE-2015-5569 CVE-2015-7625 CVE-2015-7626 CVE-2015-7627 CVE-2015-7628 CVE-2015-7629 CVE-2015-7630 CVE-2015-7631 CVE-2015-7632 CVE-2015-7633 CVE-2015-7634 CVE-2015-7643 CVE-2015-7644 CVE-2016-1950 CVE-2016-2098 CVE-2016-2834 CVE-2016-6316 CVE-2016-6317 CVE-2016-8635 CVE-2016-9079 CVE-2016-9574 CVE-2017-0861 CVE-2017-10790 CVE-2017-14970 CVE-2017-18190 CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469 CVE-2017-9214 CVE-2017-9263 CVE-2017-9265 CVE-2018-1000199 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 CVE-2018-14633 CVE-2018-17182 CVE-2018-18074 CVE-2019-12155 CVE-2019-13164 CVE-2019-14378 CVE-2019-1787 CVE-2019-1787 CVE-2019-1788 CVE-2019-1788 CVE-2019-1789 CVE-2019-1789 SUSE-SU-2015:1742-1 SUSE-SU-2016:3048-1 SUSE-SU-2017:1248-1 SUSE-SU-2017:2716-1 SUSE-SU-2018:0311-1 SUSE-SU-2018:0604-1 SUSE-SU-2018:1254-1 SUSE-SU-2018:2825-1 SUSE-SU-2018:2902-1 SUSE-SU-2019:0897-1 SUSE-SU-2019:2027-1 SUSE-SU-2019:2221-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gnome-settings-daemon-3.26.2-lp150.5 is installed OR gnome-settings-daemon-lang-3.26.2-lp150.5 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information docker-18.09.6_ce-lp151.2.6 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed OR docker-test-18.09.6_ce-lp151.2.6 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xen-4.1.6_02-0.5 is installed OR xen-doc-html-4.1.6_02-0.5 is installed OR xen-doc-pdf-4.1.6_02-0.5 is installed OR xen-kmp-default-4.1.6_02_3.0.93_0.5-0.5 is installed OR xen-kmp-pae-4.1.6_02_3.0.93_0.5-0.5 is installed OR xen-kmp-trace-4.1.6_02_3.0.93_0.5-0.5 is installed OR xen-libs-4.1.6_02-0.5 is installed OR xen-libs-32bit-4.1.6_02-0.5 is installed OR xen-tools-4.1.6_02-0.5 is installed OR xen-tools-domU-4.1.6_02-0.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.535-0.20 is installed OR flash-player-gnome-11.2.202.535-0.20 is installed OR flash-player-kde4-11.2.202.535-0.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cups-1.7.5-12 is installed OR cups-client-1.7.5-12 is installed OR cups-libs-1.7.5-12 is installed OR cups-libs-32bit-1.7.5-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND yast2-smt-3.0.14-17.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND busybox-1.21.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information ruby2.1-rubygem-actionmailer-4_2-4.2.9-3.3 is installed OR ruby2.1-rubygem-actionpack-4_2-4.2.9-7.3 is installed OR ruby2.1-rubygem-actionview-4_2-4.2.9-9.3 is installed OR ruby2.1-rubygem-activejob-4_2-4.2.9-3.3 is installed OR ruby2.1-rubygem-activemodel-4_2-4.2.9-6.3 is installed OR ruby2.1-rubygem-activerecord-4_2-4.2.9-6.3 is installed OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.3 is installed OR ruby2.1-rubygem-rails-4_2-4.2.9-3.3 is installed OR ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.3 is installed OR ruby2.1-rubygem-railties-4_2-4.2.9-3.3 is installed OR rubygem-actionmailer-4_2-4.2.9-3.3 is installed OR rubygem-actionpack-4_2-4.2.9-7.3 is installed OR rubygem-actionview-4_2-4.2.9-9.3 is installed OR rubygem-activejob-4_2-4.2.9-3.3 is installed OR rubygem-activemodel-4_2-4.2.9-6.3 is installed OR rubygem-activerecord-4_2-4.2.9-6.3 is installed OR rubygem-activesupport-4_2-4.2.9-7.3 is installed OR rubygem-rails-4_2-4.2.9-3.3 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.3 is installed OR rubygem-railties-4_2-4.2.9-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information dnsmasq-2.78-18.6 is installed OR dnsmasq-utils-2.78-18.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed

BACK