Oval Definition:	oval:org.opensuse.security:def:58090
Revision Date: 2021-03-02 Version: 1 Title: Security update for grub2 (Important) Description: This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263) Family: unix Class: patch Status: Reference(s): 1063535 1073230 1074662 1076017 1082318 1083488 1085114 1085447 1104668 1112767 1113107 1118004 1118597 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 1120767 1122053 1122875 1123709 1127558 1127752 1128828 1128954 1128987 1130246 1130414 1131053 1131291 1138459 1140738 1141329 1141332 1141853 1142614 1160467 1160468 1161167 1164692 1170715 1172698 1172704 1173902 1173948 1173994 1174538 1175070 1175071 1175072 1175970 1176711 1177883 1179264 1179265 1182057 1182262 1182263 967970 975500 979907 997857 CVE-2015-8871 CVE-2016-2533 CVE-2016-4009 CVE-2016-7163 CVE-2017-1000433 CVE-2017-13166 CVE-2018-1000004 CVE-2018-1000872 CVE-2018-1068 CVE-2018-12539 CVE-2018-15126 CVE-2018-15127 CVE-2018-1517 CVE-2018-1656 CVE-2018-19870 CVE-2018-19872 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-20852 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-6307 CVE-2018-7566 CVE-2019-10160 CVE-2019-12525 CVE-2019-12529 CVE-2019-13345 CVE-2019-14896 CVE-2019-14897 CVE-2019-9893 CVE-2020-0569 CVE-2020-11985 CVE-2020-11993 CVE-2020-14318 CVE-2020-14323 CVE-2020-14372 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-1938 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2020-6463 CVE-2020-6514 CVE-2020-8023 CVE-2020-9490 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2017:2144-1 SUSE-SU-2018:0989-1 SUSE-SU-2018:2649-1 SUSE-SU-2019:0060-1 SUSE-SU-2019:1136-1 SUSE-SU-2019:1450-1 SUSE-SU-2019:2089-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2334-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:0318-1 SUSE-SU-2020:0725-1 SUSE-SU-2020:1859-1 SUSE-SU-2020:2100-1 SUSE-SU-2020:2450-1 SUSE-SU-2020:3083-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libminizip1-1.2.11-lp150.1 is installed OR libz1-1.2.11-lp150.1 is installed OR libz1-32bit-1.2.11-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information cpio-2.12-lp151.3.3 is installed OR cpio-lang-2.12-lp151.3.3 is installed OR cpio-mt-2.12-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_110-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_110-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_33-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libopenjp2-7-2.1.0-4.3 is installed OR openjpeg2-2.1.0-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20190507-13.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND mailman-2.1.17-3.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information grub2-2.02-4.69.1 is installed OR grub2-arm64-efi-2.02-4.69.1 is installed OR grub2-i386-pc-2.02-4.69.1 is installed OR grub2-snapper-plugin-2.02-4.69.1 is installed OR grub2-systemd-sleep-plugin-2.02-4.69.1 is installed OR grub2-x86_64-efi-2.02-4.69.1 is installed OR grub2-x86_64-xen-2.02-4.69.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed OR libwebkit2gtk3-lang-2.28.1-2.50 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed OR webkit2gtk3-2.28.1-2.50 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND sblim-sfcb-1.4.8-17.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.52 is installed OR libopenssl1_0_0-1.0.2j-60.52 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.52 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.52 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.52 is installed OR openssl-1.0.2j-60.52 is installed OR openssl-doc-1.0.2j-60.52 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
BACK