OVAL Reference oval:org.opensuse.security:def:58593

Oval Definition:

oval:org.opensuse.security:def:58593

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen to version 4.7.4 (bsc#1027519) fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand (PoD) code allowed for DoS (XSA-246) - bsc#1068191: Missing p2m error checking in PoD code allowed unprivileged guests to retain a writable mapping of freed memory leading to information leaks, privilege escalation or DoS (XSA-247). - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation (bsc#1063123) - CVE-2017-15597: A grant copy operation being done on a grant of a dying domain allowed a malicious guest administrator to corrupt hypervisor memory, allowing for DoS or potentially privilege escalation and information leaks (bsc#1061075). This non-security issue was fixed: - bsc#1055047: Fixed --initrd-inject option in virt-install
Family:	unix	Class:	patch
Status:		Reference(s):	1002626 1010457 1012546 1024218 1027519 1035442 1039514 1039515 1051729 1055047 1061075 1061081 1063123 1068032 1068187 1068191 1070158 1070159 1070160 1070163 1074562 1076116 1076180 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1096723 1102682 1105323 1106191 1107832 1110233 1111331 1111789 1123022 1129346 1130116 1131595 1135273 1154609 1167976 1173986 1174420 1176756 985012 CVE-2009-0758 CVE-2009-4029 CVE-2010-2244 CVE-2011-1002 CVE-2016-1246 CVE-2016-1249 CVE-2016-1251 CVE-2016-2183 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-15289 CVE-2017-15595 CVE-2017-15597 CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566 CVE-2017-18030 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-9022 CVE-2017-9023 CVE-2018-1000026 CVE-2018-10902 CVE-2018-10938 CVE-2018-12126 CVE-2018-12126 CVE-2018-12127 CVE-2018-12127 CVE-2018-12130 CVE-2018-12130 CVE-2018-14633 CVE-2018-17182 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-5390 CVE-2018-5683 CVE-2019-11091 CVE-2019-11091 CVE-2019-18197 CVE-2019-3814 CVE-2019-3886 CVE-2019-7524 CVE-2019-9636 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 SUSE-SU-2017:0123-1 SUSE-SU-2017:0460-1 SUSE-SU-2017:1473-1 SUSE-SU-2017:3178-1 SUSE-SU-2018:0472-1 SUSE-SU-2018:1692-1 SUSE-SU-2019:0961-1 SUSE-SU-2019:1235-1 SUSE-SU-2019:1438-1 SUSE-SU-2020:2759-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gstreamer-plugins-good-1.12.5-lp150.1 is installed OR gstreamer-plugins-good-lang-1.12.5-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information nodejs8-8.15.1-lp151.2.3 is installed OR nodejs8-devel-8.15.1-lp151.2.3 is installed OR nodejs8-docs-8.15.1-lp151.2.3 is installed OR npm8-8.15.1-lp151.2.3 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xen-4.7.4_02-43.21 is installed OR xen-doc-html-4.7.4_02-43.21 is installed OR xen-libs-4.7.4_02-43.21 is installed OR xen-libs-32bit-4.7.4_02-43.21 is installed OR xen-tools-4.7.4_02-43.21 is installed OR xen-tools-domU-4.7.4_02-43.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.54 is installed OR libvirt-client-2.0.0-27.54 is installed OR libvirt-daemon-2.0.0-27.54 is installed OR libvirt-daemon-config-network-2.0.0-27.54 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed OR libvirt-daemon-driver-network-2.0.0-27.54 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed OR libvirt-daemon-hooks-2.0.0-27.54 is installed OR libvirt-daemon-lxc-2.0.0-27.54 is installed OR libvirt-daemon-qemu-2.0.0-27.54 is installed OR libvirt-daemon-xen-2.0.0-27.54 is installed OR libvirt-doc-2.0.0-27.54 is installed OR libvirt-lock-sanlock-2.0.0-27.54 is installed OR libvirt-nss-2.0.0-27.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_92-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-78.2.0-112.19 is installed OR MozillaFirefox-devel-78.2.0-112.19 is installed OR MozillaFirefox-translations-common-78.2.0-112.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libSoundTouch0-1.7.1-5.6 is installed OR soundtouch-1.7.1-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libkde4-4.12.0-10 is installed OR libkde4-32bit-4.12.0-10 is installed OR libkdecore4-4.12.0-10 is installed OR libkdecore4-32bit-4.12.0-10 is installed OR libksuseinstall1-4.12.0-10 is installed OR libksuseinstall1-32bit-4.12.0-10 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.124 is installed OR kernel-default-base-4.4.180-94.124 is installed OR kernel-default-devel-4.4.180-94.124 is installed OR kernel-default-kgraft-4.4.180-94.124 is installed OR kernel-devel-4.4.180-94.124 is installed OR kernel-macros-4.4.180-94.124 is installed OR kernel-source-4.4.180-94.124 is installed OR kernel-syms-4.4.180-94.124 is installed OR kgraft-patch-4_4_180-94_124-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_33-1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.9 is installed OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.6 is installed OR rubygem-actionview-4_2-4.2.9-9.9 is installed OR rubygem-activesupport-4_2-4.2.9-7.6 is installed

BACK