OVAL Reference oval:org.opensuse.security:def:57561

Oval Definition:

oval:org.opensuse.security:def:57561

Revision Date:	2021-03-02	Version:	1
Title:	Security update for grub2 (Important)
Description:	This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
Family:	unix	Class:	patch
Status:		Reference(s):	1011276 1048688 1056421 1056562 1056621 1056622 1057511 1059463 1073230 1076017 1083125 1083488 1085114 1085447 1090368 1090646 1090869 1111789 1123022 1130116 1151021 1156275 1156402 1170643 1175970 1176711 1177883 1179264 1179265 1182057 1182262 1182263 930189 937339 CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 CVE-2009-2412 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 CVE-2009-3560 CVE-2009-3720 CVE-2010-0408 CVE-2010-0425 CVE-2010-0434 CVE-2010-1452 CVE-2010-1623 CVE-2010-2068 CVE-2011-1176 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-2687 CVE-2012-2738 CVE-2012-3499 CVE-2012-3502 CVE-2012-4453 CVE-2013-1896 CVE-2013-2249 CVE-2013-5704 CVE-2013-6438 CVE-2013-7440 CVE-2014-0011 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-0578 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2014-8240 CVE-2015-0228 CVE-2015-0253 CVE-2015-0255 CVE-2015-3114 CVE-2015-3115 CVE-2015-3116 CVE-2015-3117 CVE-2015-3118 CVE-2015-3119 CVE-2015-3120 CVE-2015-3121 CVE-2015-3122 CVE-2015-3123 CVE-2015-3124 CVE-2015-3125 CVE-2015-3126 CVE-2015-3127 CVE-2015-3128 CVE-2015-3129 CVE-2015-3130 CVE-2015-3131 CVE-2015-3132 CVE-2015-3133 CVE-2015-3134 CVE-2015-3135 CVE-2015-3136 CVE-2015-3137 CVE-2015-4000 CVE-2015-4428 CVE-2015-4429 CVE-2015-4430 CVE-2015-4431 CVE-2015-4432 CVE-2015-4433 CVE-2015-5116 CVE-2015-5117 CVE-2015-5118 CVE-2015-5119 CVE-2016-10507 CVE-2016-1546 CVE-2016-4979 CVE-2016-5387 CVE-2016-9427 CVE-2017-13166 CVE-2017-14039 CVE-2017-14040 CVE-2017-14041 CVE-2017-14164 CVE-2017-9799 CVE-2018-1000004 CVE-2018-1068 CVE-2018-1087 CVE-2018-7566 CVE-2018-8781 CVE-2018-8897 CVE-2019-14835 CVE-2019-14869 CVE-2019-2201 CVE-2019-3814 CVE-2019-7524 CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2020-3899 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2015:1651-1 SUSE-SU-2016:3057-1 SUSE-SU-2017:2649-1 SUSE-SU-2017:3000-1 SUSE-SU-2018:0993-1 SUSE-SU-2018:1530-1 SUSE-SU-2019:0900-1 SUSE-SU-2019:2972-1 SUSE-SU-2019:2983-1 SUSE-SU-2020:1211-1 SUSE-SU-2021:0682-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libICE6-1.0.9-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kconf_update5-5.32.0-7 is installed OR kconfig-5.32.0-7 is installed OR kconfig-devel-5.32.0-7 is installed OR kconfig-devel-32bit-5.55.0-lp151.2.5 is installed OR kconfig-devel-64bit-5.32.0-7 is installed OR kdelibs4-4.14.33-7 is installed OR kdelibs4-apidocs-4.14.33-7 is installed OR kdelibs4-branding-upstream-4.14.33-7 is installed OR kdelibs4-core-4.14.33-7 is installed OR kdelibs4-doc-4.14.33-7 is installed OR libKF5ConfigCore5-5.32.0-7 is installed OR libKF5ConfigCore5-32bit-5.55.0-lp151.2.5 is installed OR libKF5ConfigCore5-64bit-5.32.0-7 is installed OR libKF5ConfigCore5-lang-5.32.0-7 is installed OR libKF5ConfigGui5-5.32.0-7 is installed OR libKF5ConfigGui5-32bit-5.55.0-lp151.2.5 is installed OR libKF5ConfigGui5-64bit-5.32.0-7 is installed OR libkde4-4.14.33-7 is installed OR libkde4-32bit-4.14.38-lp151.9.5 is installed OR libkde4-64bit-4.14.33-7 is installed OR libkde4-devel-4.14.33-7 is installed OR libkdecore4-4.14.33-7 is installed OR libkdecore4-32bit-4.14.38-lp151.9.5 is installed OR libkdecore4-64bit-4.14.33-7 is installed OR libkdecore4-devel-4.14.33-7 is installed OR libksuseinstall-devel-4.14.33-7 is installed OR libksuseinstall1-4.14.33-7 is installed OR libksuseinstall1-32bit-4.14.38-lp151.9.5 is installed OR libksuseinstall1-64bit-4.14.33-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.481-0.8 is installed OR flash-player-gnome-11.2.202.481-0.8 is installed OR flash-player-kde4-11.2.202.481-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information dovecot22-2.2.31-19.14 is installed OR dovecot22-backend-mysql-2.2.31-19.14 is installed OR dovecot22-backend-pgsql-2.2.31-19.14 is installed OR dovecot22-backend-sqlite-2.2.31-19.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache2-2.4.23-14 is installed OR apache2-doc-2.4.23-14 is installed OR apache2-example-pages-2.4.23-14 is installed OR apache2-prefork-2.4.23-14 is installed OR apache2-utils-2.4.23-14 is installed OR apache2-worker-2.4.23-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information grub2-2.02-4.69.1 is installed OR grub2-i386-pc-2.02-4.69.1 is installed OR grub2-snapper-plugin-2.02-4.69.1 is installed OR grub2-systemd-sleep-plugin-2.02-4.69.1 is installed OR grub2-x86_64-efi-2.02-4.69.1 is installed OR grub2-x86_64-xen-2.02-4.69.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information xen-4.9.4_08-3.66 is installed OR xen-doc-html-4.9.4_08-3.66 is installed OR xen-libs-4.9.4_08-3.66 is installed OR xen-libs-32bit-4.9.4_08-3.66 is installed OR xen-tools-4.9.4_08-3.66 is installed OR xen-tools-domU-4.9.4_08-3.66 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information Mesa-17.0.5-117.8 is installed OR Mesa-32bit-17.0.5-117.8 is installed OR Mesa-libEGL1-17.0.5-117.8 is installed OR Mesa-libEGL1-32bit-17.0.5-117.8 is installed OR Mesa-libGL1-17.0.5-117.8 is installed OR Mesa-libGL1-32bit-17.0.5-117.8 is installed OR Mesa-libGLESv2-2-17.0.5-117.8 is installed OR Mesa-libglapi0-17.0.5-117.8 is installed OR Mesa-libglapi0-32bit-17.0.5-117.8 is installed OR libgbm1-17.0.5-117.8 is installed OR libgbm1-32bit-17.0.5-117.8 is installed OR libxatracker2-1.0.0-117.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND ft2demos-2.6.3-7.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information storm-1.0.5-5 is installed OR storm-nimbus-1.0.5-5 is installed OR storm-supervisor-1.0.5-5 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed

BACK