Oval Definition:	oval:org.opensuse.security:def:58913
Revision Date: 2021-03-02 Version: 1 Title: Security update for grub2 (Important) Description: This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263) Family: unix Class: patch Status: Reference(s): 1005776 1006867 1012382 1012829 1014524 1015567 1022098 1023988 1024908 1027054 1029912 1031717 1034113 1034503 1035432 1042286 1042824 1042911 1043441 1043485 1045330 1045640 1048110 1048272 1049374 1049375 1050048 1050119 1050122 1050126 1050132 1050617 1052207 1052248 1052251 1052254 1052472 1052688 1052711 1052747 1052750 1052754 1052761 1055069 1055229 1056768 1057163 1058009 1060644 1062840 1065600 1065615 1066223 1067118 1068032 1068569 1069135 1069591 1071306 1071892 1072363 1072689 1072739 1072865 1072898 1073311 1073401 1074119 1074170 1074198 1074426 1075087 1075821 1076033 1076182 1076282 1077285 1077513 1077560 1077779 1078433 1078583 1078609 1078672 1078673 1078787 1079029 1079038 1079384 1079989 1080014 1080157 1080263 1080344 1080360 1080364 1080384 1080464 1080533 1080774 1080809 1080813 1080851 1081134 1081431 1081491 1081498 1081500 1081512 1081671 1082223 1082299 1082478 1082632 1082795 1082864 1082897 1082979 1082993 1083494 1083548 1084610 1085053 1085107 1085224 1085239 1087231 1087659 1087906 1088268 1090036 1090174 1093158 1094268 1096748 1100152 1100453 1101506 1103098 1103186 1106913 1107256 1109772 1111331 1112178 1113399 1116841 1118338 1119019 1122822 1123161 1124832 1125580 1129279 1130972 1131416 1131427 1131587 1132673 1132828 1133188 1134399 1139358 1140012 1140652 1140903 1140945 1141401 1141402 1141452 1141453 1141454 1141628 1142023 1142098 1142857 1143045 1143048 1143189 1143191 1144257 1144273 1144288 1144920 1145920 1145922 1146163 1155787 1160398 1165787 1169511 1173948 1174538 1175970 1176711 1177513 1177883 1179264 1179265 1182057 1182262 1182263 863764 966328 975772 983145 CVE-2012-0862 CVE-2012-2150 CVE-2013-1430 CVE-2013-4342 CVE-2014-3634 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-6489 CVE-2016-8636 CVE-2017-0861 CVE-2017-11166 CVE-2017-11170 CVE-2017-11448 CVE-2017-11450 CVE-2017-11528 CVE-2017-11530 CVE-2017-11531 CVE-2017-11533 CVE-2017-11537 CVE-2017-11638 CVE-2017-11642 CVE-2017-12418 CVE-2017-12427 CVE-2017-12429 CVE-2017-12432 CVE-2017-12566 CVE-2017-12654 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12668 CVE-2017-12674 CVE-2017-13058 CVE-2017-13131 CVE-2017-13166 CVE-2017-14060 CVE-2017-14139 CVE-2017-14224 CVE-2017-15951 CVE-2017-16644 CVE-2017-16912 CVE-2017-16913 CVE-2017-16927 CVE-2017-17682 CVE-2017-17741 CVE-2017-17885 CVE-2017-17934 CVE-2017-17975 CVE-2017-18028 CVE-2017-18174 CVE-2017-18208 CVE-2017-18551 CVE-2017-2518 CVE-2017-6967 CVE-2017-9405 CVE-2017-9407 CVE-2018-1000026 CVE-2018-1000199 CVE-2018-1068 CVE-2018-1091 CVE-2018-1120 CVE-2018-1128 CVE-2018-1129 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-19407 CVE-2018-20855 CVE-2018-20856 CVE-2018-5357 CVE-2018-5391 CVE-2018-6405 CVE-2018-8087 CVE-2019-10207 CVE-2019-11091 CVE-2019-1125 CVE-2019-11486 CVE-2019-11810 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 CVE-2019-15117 CVE-2019-15118 CVE-2019-3819 CVE-2019-3882 CVE-2019-8564 CVE-2019-9503 CVE-2020-10188 CVE-2020-14372 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-25632 CVE-2020-25645 CVE-2020-25647 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-27749 CVE-2020-27779 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6463 CVE-2020-6514 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2018:0581-1 SUSE-SU-2018:0785-1 SUSE-SU-2018:1253-1 SUSE-SU-2019:1287-1 SUSE-SU-2019:1860-1 SUSE-SU-2019:3050-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:1686-1 SUSE-SU-2020:3433-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libvirglrenderer0-0.6.0-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libsingularity1-2.6.1-lp151.2.3 is installed OR singularity-2.6.1-lp151.2.3 is installed OR singularity-devel-2.6.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-71.42 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.42 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-openjdk-1.8.0.252-27.45 is installed OR java-1_8_0-openjdk-demo-1.8.0.252-27.45 is installed OR java-1_8_0-openjdk-devel-1.8.0.252-27.45 is installed OR java-1_8_0-openjdk-headless-1.8.0.252-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libhogweed2-2.7.1-12 is installed OR libhogweed2-32bit-2.7.1-12 is installed OR libnettle4-2.7.1-12 is installed OR libnettle4-32bit-2.7.1-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information grub2-2.02-4.69.1 is installed OR grub2-i386-pc-2.02-4.69.1 is installed OR grub2-snapper-plugin-2.02-4.69.1 is installed OR grub2-systemd-sleep-plugin-2.02-4.69.1 is installed OR grub2-x86_64-efi-2.02-4.69.1 is installed OR grub2-x86_64-xen-2.02-4.69.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cyrus-sasl-2.1.26-8.7 is installed OR cyrus-sasl-32bit-2.1.26-8.7 is installed OR cyrus-sasl-crammd5-2.1.26-8.7 is installed OR cyrus-sasl-crammd5-32bit-2.1.26-8.7 is installed OR cyrus-sasl-digestmd5-2.1.26-8.7 is installed OR cyrus-sasl-gssapi-2.1.26-8.7 is installed OR cyrus-sasl-gssapi-32bit-2.1.26-8.7 is installed OR cyrus-sasl-otp-2.1.26-8.7 is installed OR cyrus-sasl-otp-32bit-2.1.26-8.7 is installed OR cyrus-sasl-plain-2.1.26-8.7 is installed OR cyrus-sasl-plain-32bit-2.1.26-8.7 is installed OR cyrus-sasl-saslauthd-2.1.26-8.7 is installed OR cyrus-sasl-sqlauxprop-2.1.26-8.7 is installed OR cyrus-sasl-sqlauxprop-32bit-2.1.26-8.7 is installed OR libsasl2-3-2.1.26-8.7 is installed OR libsasl2-3-32bit-2.1.26-8.7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
BACK