Oval Definition:	oval:org.opensuse.security:def:59033
Revision Date: 2020-12-01 Version: 1 Title: Security update for libvirt (Important) Description: This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the libvirt adjustments, that pass through the new 'md-clear' CPU flag (bsc#1135273). For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Other security issues fixed: - CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). - qemu: Add support for using AES secret for SCSI hotplug Family: unix Class: patch Status: Reference(s): 1034674 1034678 1067203 1072193 1077999 1087932 1097158 1097624 1098592 1111331 1124729 1124734 1128378 1131595 1135273 1139959 1140122 1149792 1150003 1150250 1151021 1157763 1158328 1160968 1162972 1167068 1168930 1169605 1169786 1169936 1170302 1170558 1170603 1170715 1170741 1170939 1171363 1172698 1172704 682920 929629 990636 CVE-2011-4349 CVE-2014-4038 CVE-2014-4039 CVE-2014-8146 CVE-2014-8147 CVE-2016-6293 CVE-2017-14952 CVE-2017-15422 CVE-2017-17484 CVE-2017-7867 CVE-2017-7868 CVE-2018-0732 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 CVE-2019-11745 CVE-2019-13012 CVE-2019-13722 CVE-2019-14835 CVE-2019-1547 CVE-2019-1563 CVE-2019-15961 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-3886 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-11008 CVE-2020-12108 CVE-2020-12137 CVE-2020-12268 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-5260 CVE-2020-8023 SUSE-SU-2018:1401-2 SUSE-SU-2019:0683-1 SUSE-SU-2019:1438-1 SUSE-SU-2019:1830-1 SUSE-SU-2019:3177-1 SUSE-SU-2019:3347-1 SUSE-SU-2020:0456-1 SUSE-SU-2020:1295-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:1859-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-lp150.4.13 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-lp150.4.13 is installed OR qemu-ovmf-ia32-2017+git1510945757.b2662641d5-lp150.4.13 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-lp150.4.13 is installed OR qemu-ovmf-x86_64-debug-2017+git1510945757.b2662641d5-lp150.4.13 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information rmt-server-2.3.1-lp151.2.3 is installed OR rmt-server-config-2.3.1-lp151.2.3 is installed OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information icu-52.1-8.7 is installed OR libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.54 is installed OR libvirt-client-2.0.0-27.54 is installed OR libvirt-daemon-2.0.0-27.54 is installed OR libvirt-daemon-config-network-2.0.0-27.54 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed OR libvirt-daemon-driver-network-2.0.0-27.54 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed OR libvirt-daemon-hooks-2.0.0-27.54 is installed OR libvirt-daemon-lxc-2.0.0-27.54 is installed OR libvirt-daemon-qemu-2.0.0-27.54 is installed OR libvirt-daemon-xen-2.0.0-27.54 is installed OR libvirt-doc-2.0.0-27.54 is installed OR libvirt-lock-sanlock-2.0.0-27.54 is installed OR libvirt-nss-2.0.0-27.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information bind-9.11.2-1 is installed OR bind-chrootenv-9.11.2-1 is installed OR bind-doc-9.11.2-1 is installed OR bind-utils-9.11.2-1 is installed OR libbind9-160-9.11.2-1 is installed OR libdns169-9.11.2-1 is installed OR libirs160-9.11.2-1 is installed OR libisc166-9.11.2-1 is installed OR libisc166-32bit-9.11.2-1 is installed OR libisccc160-9.11.2-1 is installed OR libisccfg160-9.11.2-1 is installed OR liblwres160-9.11.2-1 is installed OR python-bind-9.11.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND squid-3.5.21-26.17 is installed
BACK