Oval Definition:	oval:org.opensuse.security:def:59027
Revision Date: 2020-12-01 Version: 1 Title: Security update for xen (Important) Description: This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionally also use CPU Microcode updates. The mitigation can be controlled via the 'mds' commandline option, see the documentation. For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Other fixes: - CVE-2018-20815: Fixed a heap buffer overflow while loading device tree blob (bsc#1130680). - Fixed an issue with live migration when spectre is enabled on xen boot cmdline (bsc#1116380). - Fixed an issue with live migration (bsc#1133818). - Added upstream bug fix (bsc#1027519). Family: unix Class: patch Status: Reference(s): 1027519 1085449 1086039 1089152 1089635 1090820 1090822 1090823 1093311 1111331 1112142 1112143 1112144 1112146 1112147 1112148 1112152 1112153 1116380 1122706 1130680 1133191 1133818 1136446 1136935 1137597 1148987 1155321 1155787 1156318 1157763 1159329 1161719 1163809 1165528 1169658 1170603 1171186 1172405 1177513 CVE-2006-4484 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 CVE-2017-2518 CVE-2017-5754 CVE-2018-10471 CVE-2018-10472 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-13785 CVE-2018-1417 CVE-2018-16435 CVE-2018-20815 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2825 CVE-2018-2826 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-8897 CVE-2019-11091 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-13627 CVE-2019-15961 CVE-2019-3813 CVE-2019-3846 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2020-10018 CVE-2020-11793 CVE-2020-12268 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-25645 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-6831 CVE-2020-8022 SUSE-SU-2018:3230-1 SUSE-SU-2019:0057-1 SUSE-SU-2019:1371-1 SUSE-SU-2019:2510-1 SUSE-SU-2019:3050-1 SUSE-SU-2019:3177-1 SUSE-SU-2020:1212-1 SUSE-SU-2020:1218-1 SUSE-SU-2020:1791-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information ghostscript-9.26a-lp150.2.12 is installed OR ghostscript-devel-9.26a-lp150.2.12 is installed OR ghostscript-mini-9.26a-lp150.2.12 is installed OR ghostscript-mini-devel-9.26a-lp150.2.12 is installed OR ghostscript-x11-9.26a-lp150.2.12 is installed OR libspectre-devel-0.2.8-lp150.2.9 is installed OR libspectre1-0.2.8-lp150.2.9 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND ucode-intel-20190618-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_02-43.30 is installed OR xen-doc-html-4.7.5_02-43.30 is installed OR xen-libs-4.7.5_02-43.30 is installed OR xen-libs-32bit-4.7.5_02-43.30 is installed OR xen-tools-4.7.5_02-43.30 is installed OR xen-tools-domU-4.7.5_02-43.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.6_06-43.51 is installed OR xen-doc-html-4.7.6_06-43.51 is installed OR xen-libs-4.7.6_06-43.51 is installed OR xen-libs-32bit-4.7.6_06-43.51 is installed OR xen-tools-4.7.6_06-43.51 is installed OR xen-tools-domU-4.7.6_06-43.51 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND binutils-2.26.1-9.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libxerces-c-3_1-3.1.1-13.3 is installed OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed OR xerces-c-3.1.1-13.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information augeas-1.2.0-17.3 is installed OR augeas-lenses-1.2.0-17.3 is installed OR libaugeas0-1.2.0-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND xrdp-0.9.0~git.1456906198.f422461-21.27 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND clamav-0.100.3-33.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
BACK