Oval Definition:oval:org.opensuse.security:def:58152
Revision Date:2020-12-01Version:1
Title:Security update for libvirt (Important)
Description:

This update for libvirt fixes the following issues:

Security issues fixed:

- CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303).

Non-security issue fixed:

- qemu: Add support for overriding max threads per process limit (bsc#1133719)
Family:unixClass:patch
Status:Reference(s):1013669
1027519
1042419
1058565
1058622
1058624
1064016
1065892
1076957
1077291
1091107
1091836
1093414
1103276
1111331
1112142
1112143
1112144
1112146
1112147
1112148
1112152
1112153
1120932
1131595
1133719
1135273
1138301
1138303
1138461
1141670
1150734
1157198
1163933
1167373
1173304
1174955
1177155
1178671
CVE-2015-9542
CVE-2016-10708
CVE-2016-9811
CVE-2017-12150
CVE-2017-12151
CVE-2017-12163
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-13785
CVE-2018-16435
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3183
CVE-2018-3214
CVE-2018-3646
CVE-2018-5089
CVE-2018-5091
CVE-2018-5095
CVE-2018-5096
CVE-2018-5097
CVE-2018-5098
CVE-2018-5099
CVE-2018-5102
CVE-2018-5103
CVE-2018-5104
CVE-2018-5117
CVE-2019-10161
CVE-2019-10167
CVE-2019-11091
CVE-2019-12855
CVE-2019-18860
CVE-2019-3498
CVE-2019-3688
CVE-2019-3690
CVE-2019-3886
CVE-2020-12321
CVE-2020-14059
CVE-2020-15708
CVE-2020-25637
SUSE-SU-2017:0211-1
SUSE-SU-2017:2971-1
SUSE-SU-2018:0374-1
SUSE-SU-2019:0057-1
SUSE-SU-2019:0483-1
SUSE-SU-2019:1438-1
SUSE-SU-2019:2105-1
SUSE-SU-2019:2453-1
SUSE-SU-2019:3180-1
SUSE-SU-2020:1117-1
SUSE-SU-2020:1803-1
SUSE-SU-2020:3143-1
SUSE-SU-2020:3354-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libusbmuxd4-1.0.10-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • bzip2-1.0.6-lp151.5.3 is installed
  • OR bzip2-doc-1.0.6-lp151.5.3 is installed
  • OR libbz2-1-1.0.6-lp151.5.3 is installed
  • OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed
  • OR libbz2-devel-1.0.6-lp151.5.3 is installed
  • OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gstreamer-plugins-base-1.8.3-9 is installed
  • OR gstreamer-plugins-base-lang-1.8.3-9 is installed
  • OR libgstallocators-1_0-0-1.8.3-9 is installed
  • OR libgstapp-1_0-0-1.8.3-9 is installed
  • OR libgstapp-1_0-0-32bit-1.8.3-9 is installed
  • OR libgstaudio-1_0-0-1.8.3-9 is installed
  • OR libgstaudio-1_0-0-32bit-1.8.3-9 is installed
  • OR libgstfft-1_0-0-1.8.3-9 is installed
  • OR libgstpbutils-1_0-0-1.8.3-9 is installed
  • OR libgstpbutils-1_0-0-32bit-1.8.3-9 is installed
  • OR libgstriff-1_0-0-1.8.3-9 is installed
  • OR libgstrtp-1_0-0-1.8.3-9 is installed
  • OR libgstrtsp-1_0-0-1.8.3-9 is installed
  • OR libgstsdp-1_0-0-1.8.3-9 is installed
  • OR libgsttag-1_0-0-1.8.3-9 is installed
  • OR libgsttag-1_0-0-32bit-1.8.3-9 is installed
  • OR libgstvideo-1_0-0-1.8.3-9 is installed
  • OR libgstvideo-1_0-0-32bit-1.8.3-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.191-27.29 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.191-27.29 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.191-27.29 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.191-27.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libvirt-2.0.0-27.54 is installed
  • OR libvirt-client-2.0.0-27.54 is installed
  • OR libvirt-daemon-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.54 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.54 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.54 is installed
  • OR libvirt-daemon-xen-2.0.0-27.54 is installed
  • OR libvirt-doc-2.0.0-27.54 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.54 is installed
  • OR libvirt-nss-2.0.0-27.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-5 is installed
  • OR cups-pk-helper-lang-0.2.5-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • bzip2-1.0.6-30.5 is installed
  • OR bzip2-doc-1.0.6-30.5 is installed
  • OR libbz2-1-1.0.6-30.5 is installed
  • OR libbz2-1-32bit-1.0.6-30.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.21 is installed
  • OR python3-3.4.6-25.21 is installed
  • OR python3-base-3.4.6-25.21 is installed
  • OR python3-curses-3.4.6-25.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • crash-7.2.1-2 is installed
  • OR crash-kmp-default-7.2.1_k4.12.14_94.41-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libvirt-2.0.0-27.61 is installed
  • OR libvirt-client-2.0.0-27.61 is installed
  • OR libvirt-daemon-2.0.0-27.61 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.61 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.61 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.61 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.61 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.61 is installed
  • OR libvirt-daemon-xen-2.0.0-27.61 is installed
  • OR libvirt-doc-2.0.0-27.61 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.61 is installed
  • OR libvirt-nss-2.0.0-27.61 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Werkzeug-0.14.1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kafka-0.10.2.2-5.6 is installed
  • OR openstack-monasca-api-2.2.1~dev24-3.6 is installed
  • OR python-monasca-api-2.2.1~dev24-3.6 is installed
    • BACK