Oval Definition:	oval:org.opensuse.security:def:58334
Revision Date: 2020-12-01 Version: 1 Title: Security update for shim (Moderate) Description: This update for shim fixes the following issues: - Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994) This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by disallowing binaries signed by the previous SUSE UEFI signing key from booting. This update should only be installed after updates of grub2, the Linux kernel and (if used) Xen from July / August 2020 are applied. Additional fixes: + shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656) Family: unix Class: patch Status: Reference(s): 1011276 1026978 1026979 1026980 1026981 1026982 1026983 1026984 1026985 1026986 1026987 1026988 1037216 1046554 1046555 1047002 1047536 1075091 1075994 1077717 1087082 1087813 1090338 1091041 1096740 1099279 1105437 1105459 1105460 1114674 1118597 1120386 1130246 1131107 1132728 1132729 1132732 1132734 1133037 1133147 1134718 1136449 1137325 1141619 1146519 1146544 1146612 1149591 1151021 1153811 1154844 1155311 1155897 1156060 1156669 1157038 1157042 1157070 1157143 1157155 1157157 1157158 1157303 1157324 1157333 1157464 1157804 1157923 1158021 1158132 1158381 1158394 1158398 1158410 1158413 1158417 1158427 1158445 1158819 1158823 1158824 1158827 1158834 1158900 1158903 1158904 1159199 1159285 1159297 1159841 1159908 1159910 1159911 1159912 1160195 1160878 1160883 1160895 1160912 1161167 1162227 1162298 1162388 1162928 1162929 1162931 1163971 1164069 1164078 1164846 1165111 1165311 1165873 1165881 1165984 1165985 1167629 1168075 1168295 1168424 1168829 1168854 1168994 1170056 1170345 1170778 1175626 1175656 1176012 1176072 1176382 1176896 1176931 814241 879138 949399 CVE-2015-7747 CVE-2016-9427 CVE-2017-10790 CVE-2017-18255 CVE-2017-3142 CVE-2017-3143 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-18311 CVE-2018-19870 CVE-2018-19872 CVE-2018-21008 CVE-2018-3665 CVE-2019-1010006 CVE-2019-10245 CVE-2019-11091 CVE-2019-11459 CVE-2019-14615 CVE-2019-14835 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15213 CVE-2019-18660 CVE-2019-18675 CVE-2019-18683 CVE-2019-18901 CVE-2019-19052 CVE-2019-19062 CVE-2019-19066 CVE-2019-19073 CVE-2019-19074 CVE-2019-19319 CVE-2019-19332 CVE-2019-19447 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-19767 CVE-2019-19768 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20096 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2019-3701 CVE-2019-5108 CVE-2019-9455 CVE-2019-9458 CVE-2020-0429 CVE-2020-0431 CVE-2020-0569 CVE-2020-10690 CVE-2020-10713 CVE-2020-10720 CVE-2020-10942 CVE-2020-11494 CVE-2020-11608 CVE-2020-11609 CVE-2020-14381 CVE-2020-14386 CVE-2020-25212 CVE-2020-2574 CVE-2020-2732 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-8992 CVE-2020-9383 SUSE-SU-2016:3057-1 SUSE-SU-2017:0940-1 SUSE-SU-2017:1736-1 SUSE-SU-2017:2744-1 SUSE-SU-2018:1946-1 SUSE-SU-2019:1644-1 SUSE-SU-2019:2080-1 SUSE-SU-2020:0318-1 SUSE-SU-2020:0831-1 SUSE-SU-2020:1255-1 SUSE-SU-2020:2628-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND kdebase4-workspace-libs-4.11.22-lp150.7 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python3-virtualbox-6.0.10-lp151.2.6 is installed OR virtualbox-6.0.10-lp151.2.6 is installed OR virtualbox-devel-6.0.10-lp151.2.6 is installed OR virtualbox-guest-desktop-icons-6.0.10-lp151.2.6 is installed OR virtualbox-guest-kmp-default-6.0.10_k4.12.14_lp151.28.10-lp151.2.6 is installed OR virtualbox-guest-source-6.0.10-lp151.2.6 is installed OR virtualbox-guest-tools-6.0.10-lp151.2.6 is installed OR virtualbox-guest-x11-6.0.10-lp151.2.6 is installed OR virtualbox-host-kmp-default-6.0.10_k4.12.14_lp151.28.10-lp151.2.6 is installed OR virtualbox-host-source-6.0.10-lp151.2.6 is installed OR virtualbox-qt-6.0.10-lp151.2.6 is installed OR virtualbox-vnc-6.0.10-lp151.2.6 is installed OR virtualbox-websrv-6.0.10-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gc-7.2d-5 is installed OR libgc1-7.2d-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dracut-044-113 is installed OR dracut-fips-044-113 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND ant-1.9.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libplist3-1.12-20.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND shim-15+git47-22.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information perl-5.18.2-12.23 is installed OR perl-32bit-5.18.2-12.23 is installed OR perl-base-5.18.2-12.23 is installed OR perl-doc-5.18.2-12.23 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-urllib3-1.22-5.6 is installed
BACK