OVAL Reference oval:org.opensuse.security:def:58195

Oval Definition:

oval:org.opensuse.security:def:58195

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libseccomp (Moderate)
Description:	This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 (bsc#1128828 CVE-2019-9893): Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS action * Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute * Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension * Added support for the parisc and parisc64 architectures * Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) * Return -EDOM on an endian mismatch when adding an architecture to a filter * Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() * Fix PFC generation when a syscall is prioritized, but no rule exists * Numerous fixes to the seccomp-bpf filter generation code * Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 * Numerous tests added to the included test suite, coverage now at ~92% * Update our Travis CI configuration to use Ubuntu 16.04 * Numerous documentation fixes and updates Update to release 2.3.3: Updated the syscall table for Linux v4.15-rc7 Update to release 2.3.2: Achieved full compliance with the CII Best Practices program * Added Travis CI builds to the GitHub repository * Added code coverage reporting with the '--enable-code-coverage' configure flag and added Coveralls to the GitHub repository * Updated the syscall tables to match Linux v4.10-rc6+ * Support for building with Python v3.x * Allow rules with the -1 syscall if the SCMP\_FLTATR\_API\_TSKIP attribute is set to true * Several small documentation fixes - ignore make check error for ppc64/ppc64le, bypass bsc#1142614
Family:	unix	Class:	patch
Status:		Reference(s):	1007829 1013882 1022263 1022264 1022265 1022283 1022284 1022553 1043983 1046853 1046858 1047964 1047965 1048072 1049344 1055265 1056286 1056782 1058754 1058755 1058757 1062452 1069607 1069632 1073002 1077724 1077725 1077978 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1082318 1087433 1087434 1087436 1087437 1087440 1087441 1088004 1088009 1101676 1101677 1101678 1102682 1103342 1106923 1107832 1108835 1109160 1109252 1110233 1110445 1111278 1111498 1112024 1112368 1112397 1112417 1112421 1112432 1112530 1112532 1113083 1113632 1113665 1116686 1117025 1117382 1118367 1118368 1118754 1120658 1122000 1122344 1123333 1123892 1125352 1128828 1129186 1130611 1130617 1130620 1130622 1130623 1130627 1130840 1132666 1136037 1141853 1142614 1149955 1152990 1152992 1152994 1152995 1153238 1159913 1162423 1165439 1165631 1171517 1171740 1172275 1173274 1174091 1174701 965748 984650 CVE-2015-9096 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-1372 CVE-2016-2339 CVE-2016-6906 CVE-2016-6912 CVE-2016-7798 CVE-2016-8864 CVE-2016-9317 CVE-2016-9843 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10684 CVE-2017-10685 CVE-2017-10784 CVE-2017-11112 CVE-2017-11113 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-17969 CVE-2017-9228 CVE-2017-9229 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-14633 CVE-2018-14647 CVE-2018-15686 CVE-2018-15688 CVE-2018-16395 CVE-2018-16396 CVE-2018-17182 CVE-2018-20852 CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282 CVE-2018-5390 CVE-2018-5741 CVE-2018-5996 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-15845 CVE-2019-16056 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-16935 CVE-2019-20907 CVE-2019-2529 CVE-2019-2537 CVE-2019-3838 CVE-2019-5108 CVE-2019-6454 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2019-9893 CVE-2019-9947 CVE-2020-10663 CVE-2020-14422 CVE-2020-1747 CVE-2020-1749 CVE-2020-8616 CVE-2020-8617 SUSE-SU-2016:2697-1 SUSE-SU-2017:0468-1 SUSE-SU-2017:2075-1 SUSE-SU-2018:0464-1 SUSE-SU-2019:0428-1 SUSE-SU-2019:0719-1 SUSE-SU-2019:2048-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:1285-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:1914-1 SUSE-SU-2020:2699-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information python3-3.6.5-lp150.1 is installed OR python3-curses-3.6.5-lp150.1 is installed OR python3-dbm-3.6.5-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libu2f-host-1.1.6-lp151.2.3 is installed OR libu2f-host-devel-1.1.6-lp151.2.3 is installed OR libu2f-host-doc-1.1.6-lp151.2.3 is installed OR libu2f-host0-1.1.6-lp151.2.3 is installed OR u2f-host-1.1.6-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information bind-9.9.9P1-49 is installed OR bind-chrootenv-9.9.9P1-49 is installed OR bind-doc-9.9.9P1-49 is installed OR bind-libs-9.9.9P1-49 is installed OR bind-libs-32bit-9.9.9P1-49 is installed OR bind-utils-9.9.9P1-49 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libruby2_1-2_1-2.1.9-19.3 is installed OR ruby2.1-2.1.9-19.3 is installed OR ruby2.1-stdlib-2.1.9-19.3 is installed OR yast2-ruby-bindings-3.1.53-9.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_92-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR libmysqlclient18-32bit-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed OR mariadb-client-10.0.38-29.27 is installed OR mariadb-errormessages-10.0.38-29.27 is installed OR mariadb-tools-10.0.38-29.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gstreamer-1.8.3-9 is installed OR gstreamer-lang-1.8.3-9 is installed OR gstreamer-utils-1.8.3-9 is installed OR libgstreamer-1_0-0-1.8.3-9 is installed OR libgstreamer-1_0-0-32bit-1.8.3-9 is installed OR typelib-1_0-Gst-1_0-1.8.3-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libexif-0.6.22-8.9 is installed OR libexif12-0.6.22-8.9 is installed OR libexif12-32bit-0.6.22-8.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gnome-settings-daemon-3.20.1-50.5 is installed OR gnome-settings-daemon-lang-3.20.1-50.5 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13 is installed OR grafana-6.2.5-3.9 is installed OR openstack-cinder-13.0.8~dev8-3.13 is installed OR openstack-cinder-api-13.0.8~dev8-3.13 is installed OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed OR openstack-dashboard-14.0.5~dev1-3.9 is installed OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR openstack-keystone-14.1.1~dev26-3.13 is installed OR openstack-manila-7.3.1~dev15-4.13 is installed OR openstack-manila-api-7.3.1~dev15-4.13 is installed OR openstack-manila-data-7.3.1~dev15-4.13 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed OR openstack-manila-share-7.3.1~dev15-4.13 is installed OR openstack-neutron-13.0.6~dev3-3.13 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-server-13.0.6~dev3-3.13 is installed OR openstack-nova-18.2.4~dev18-3.13 is installed OR openstack-nova-api-18.2.4~dev18-3.13 is installed OR openstack-nova-cells-18.2.4~dev18-3.13 is installed OR openstack-nova-compute-18.2.4~dev18-3.13 is installed OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed OR openstack-nova-console-18.2.4~dev18-3.13 is installed OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed OR openstack-octavia-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-image-0.1.1-7.3 is installed OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed OR openstack-octavia-api-3.2.1~dev1-3.13 is installed OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed OR python-Django1-1.11.24-3.12 is installed OR python-cinder-13.0.8~dev8-3.13 is installed OR python-horizon-14.0.5~dev1-3.9 is installed OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR python-keystone-14.1.1~dev26-3.13 is installed OR python-keystonemiddleware-5.2.1-11 is installed OR python-manila-7.3.1~dev15-4.13 is installed OR python-neutron-13.0.6~dev3-3.13 is installed OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed OR python-nova-18.2.4~dev18-3.13 is installed OR python-octavia-3.2.1~dev1-3.13 is installed OR python-octaviaclient-1.6.1-3.3 is installed OR python-openstack_auth-14.0.5~dev1-3.9 is installed OR python-os-brick-2.5.8-3.6 is installed OR python-os-brick-common-2.5.8-3.6 is installed OR python-oslo.cache-1.30.4-3.3 is installed OR python-oslo.messaging-8.1.4-3.3 is installed

BACK