OVAL Reference oval:org.opensuse.security:def:58980

Oval Definition:

oval:org.opensuse.security:def:58980

Revision Date:	2020-12-01	Version:	1
Title:	Security update for xen (Important)
Description:	This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260, bsc#1090820) - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially privilege escalation/information leaks (XSA-261, bsc#1090822) - Prevent unbounded loop, induced by qemu allowing an attacker to permanently keep a physical CPU core busy (XSA-262, bsc#1090823) - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were able to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot (bsc#1089152). - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754 (bsc#1089635). These non-security issues were fixed: - bsc#1086039: Ensure that Dom0 does represent DomU cpu flags correctly - bsc#1027519: Fixed shadow mode guests
Family:	unix	Class:	patch
Status:		Reference(s):	1027519 1045640 1076033 1081741 1086039 1089152 1089635 1090820 1090822 1090823 1102682 1103411 1106989 1106996 1107256 1107609 1119947 1120381 1122033 1123161 1124365 1124366 1124368 1128649 1129180 1129346 1130330 1130972 1131317 1131863 1132053 1132054 1132060 1133191 1134156 1134399 1137832 1138459 1139358 1140012 1140359 1140652 1140903 1140945 1141401 1141402 1141452 1141453 1141454 1141628 1141853 1142023 1142098 1142857 1143045 1143048 1143189 1143191 1144257 1144273 1144288 1144902 1144920 1145920 1145922 1146163 1146882 1146884 1148987 1159646 1165631 1173659 1173942 1174247 1178588 CVE-2017-18551 CVE-2017-8779 CVE-2018-10471 CVE-2018-10472 CVE-2018-1050 CVE-2018-10858 CVE-2018-16412 CVE-2018-16413 CVE-2018-16644 CVE-2018-16884 CVE-2018-20467 CVE-2018-20852 CVE-2018-20855 CVE-2018-20856 CVE-2018-5390 CVE-2018-8897 CVE-2019-10160 CVE-2019-10207 CVE-2019-10218 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-1125 CVE-2019-11487 CVE-2019-11810 CVE-2019-12749 CVE-2019-12973 CVE-2019-13627 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-15117 CVE-2019-15118 CVE-2019-16746 CVE-2019-17571 CVE-2019-3819 CVE-2019-3835 CVE-2019-3839 CVE-2019-7175 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-9636 CVE-2019-9956 CVE-2020-11668 CVE-2020-14331 CVE-2020-1749 CVE-2020-26950 SUSE-SU-2018:1216-1 SUSE-SU-2018:2339-2 SUSE-SU-2019:0961-1 SUSE-SU-2019:1033-1 SUSE-SU-2019:1767-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2299-1 SUSE-SU-2019:2478-1 SUSE-SU-2019:2510-1 SUSE-SU-2019:2893-1 SUSE-SU-2020:3331-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND texlive-lm-fonts-2017.133.2.004svn28119-lp150.4 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libipa_hbac-devel-1.16.1-lp151.7.3 is installed OR libipa_hbac0-1.16.1-lp151.7.3 is installed OR libnfsidmap-sss-1.16.1-lp151.7.3 is installed OR libsss_certmap-devel-1.16.1-lp151.7.3 is installed OR libsss_certmap0-1.16.1-lp151.7.3 is installed OR libsss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_simpleifp-devel-1.16.1-lp151.7.3 is installed OR libsss_simpleifp0-1.16.1-lp151.7.3 is installed OR python3-ipa_hbac-1.16.1-lp151.7.3 is installed OR python3-sss-murmur-1.16.1-lp151.7.3 is installed OR python3-sss_nss_idmap-1.16.1-lp151.7.3 is installed OR python3-sssd-config-1.16.1-lp151.7.3 is installed OR sssd-1.16.1-lp151.7.3 is installed OR sssd-32bit-1.16.1-lp151.7.3 is installed OR sssd-ad-1.16.1-lp151.7.3 is installed OR sssd-dbus-1.16.1-lp151.7.3 is installed OR sssd-ipa-1.16.1-lp151.7.3 is installed OR sssd-krb5-1.16.1-lp151.7.3 is installed OR sssd-krb5-common-1.16.1-lp151.7.3 is installed OR sssd-ldap-1.16.1-lp151.7.3 is installed OR sssd-proxy-1.16.1-lp151.7.3 is installed OR sssd-tools-1.16.1-lp151.7.3 is installed OR sssd-wbclient-1.16.1-lp151.7.3 is installed OR sssd-wbclient-devel-1.16.1-lp151.7.3 is installed OR sssd-winbind-idmap-1.16.1-lp151.7.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information dbus-1-1.8.22-24.19 is installed OR dbus-1-x11-1.8.22-24.19 is installed OR libdbus-1-3-1.8.22-24.19 is installed OR libdbus-1-3-32bit-1.8.22-24.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libtirpc-netconfig-1.0.1-16 is installed OR libtirpc3-1.0.1-16 is installed OR libtirpc3-32bit-1.0.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-devel-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information tomcat-8.0.53-29.27 is installed OR tomcat-admin-webapps-8.0.53-29.27 is installed OR tomcat-docs-webapp-8.0.53-29.27 is installed OR tomcat-el-3_0-api-8.0.53-29.27 is installed OR tomcat-javadoc-8.0.53-29.27 is installed OR tomcat-jsp-2_3-api-8.0.53-29.27 is installed OR tomcat-lib-8.0.53-29.27 is installed OR tomcat-servlet-3_1-api-8.0.53-29.27 is installed OR tomcat-webapps-8.0.53-29.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information kernel-default-4.12.14-94.41 is installed OR kernel-default-base-4.12.14-94.41 is installed OR kernel-default-devel-4.12.14-94.41 is installed OR kernel-default-man-4.12.14-94.41 is installed OR kernel-devel-4.12.14-94.41 is installed OR kernel-macros-4.12.14-94.41 is installed OR kernel-source-4.12.14-94.41 is installed OR kernel-syms-4.12.14-94.41 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed

BACK