Oval Definition:	oval:org.opensuse.security:def:59081
Revision Date: 2020-12-01 Version: 1 Title: Security update for libvirt (Important) Description: This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Non-security issue fixed: - qemu: Add support for overriding max threads per process limit (bsc#1133719) Family: unix Class: patch Status: Reference(s): 1054413 1073879 1096449 1102682 1104076 1107832 1111056 1111622 1119947 1122668 1123156 1124729 1124734 1128378 1133719 1138301 1138303 1138954 1139083 1144327 1144379 1146873 1149811 1150584 1151021 1152711 1153108 1153471 1155789 1155952 1156321 1156331 1157860 1161066 1163018 1166240 1170940 1173274 1173477 1173580 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1176579 761500 922448 929736 935252 945455 947357 961596 967128 985657 CVE-2010-4000 CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2015-2296 CVE-2016-3189 CVE-2017-18922 CVE-2017-6967 CVE-2018-12472 CVE-2018-14633 CVE-2018-16884 CVE-2018-18074 CVE-2018-20856 CVE-2018-21247 CVE-2018-5390 CVE-2018-6126 CVE-2019-10161 CVE-2019-10167 CVE-2019-10220 CVE-2019-12068 CVE-2019-12900 CVE-2019-13272 CVE-2019-14835 CVE-2019-15890 CVE-2019-20839 CVE-2019-20840 CVE-2019-6778 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14422 CVE-2020-1472 CVE-2020-1711 CVE-2020-1983 CVE-2020-4044 CVE-2020-7039 CVE-2020-8608 SUSE-SU-2018:1783-2 SUSE-SU-2019:1955-1 SUSE-SU-2019:2105-1 SUSE-SU-2020:1526-1 SUSE-SU-2020:1792-1 SUSE-SU-2020:2157-1 SUSE-SU-2020:2167-1 SUSE-SU-2020:2724-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND cifs-utils-6.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libwavpack1-5.1.0-lp151.5.3 is installed OR libwavpack1-32bit-5.1.0-lp151.5.3 is installed OR wavpack-5.1.0-lp151.5.3 is installed OR wavpack-devel-5.1.0-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.61 is installed OR libvirt-client-2.0.0-27.61 is installed OR libvirt-daemon-2.0.0-27.61 is installed OR libvirt-daemon-config-network-2.0.0-27.61 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.61 is installed OR libvirt-daemon-driver-interface-2.0.0-27.61 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.61 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.61 is installed OR libvirt-daemon-driver-network-2.0.0-27.61 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.61 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.61 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.61 is installed OR libvirt-daemon-driver-secret-2.0.0-27.61 is installed OR libvirt-daemon-driver-storage-2.0.0-27.61 is installed OR libvirt-daemon-hooks-2.0.0-27.61 is installed OR libvirt-daemon-lxc-2.0.0-27.61 is installed OR libvirt-daemon-qemu-2.0.0-27.61 is installed OR libvirt-daemon-xen-2.0.0-27.61 is installed OR libvirt-doc-2.0.0-27.61 is installed OR libvirt-lock-sanlock-2.0.0-27.61 is installed OR libvirt-nss-2.0.0-27.61 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gnome-shell-3.20.4-76 is installed OR gnome-shell-browser-plugin-3.20.4-76 is installed OR gnome-shell-lang-3.20.4-76 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libXcursor-1.1.14-4.6 is installed OR libXcursor1-1.1.14-4.6 is installed OR libXcursor1-32bit-1.1.14-4.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND gd-2.1.0-24.9 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information python-certifi-2018.4.16-3.6 is installed OR python-chardet-3.0.4-5.6 is installed OR python-urllib3-1.22-3.20 is installed OR python3-certifi-2018.4.16-3.6 is installed OR python3-chardet-3.0.4-5.6 is installed OR python3-requests-2.20.1-5 is installed OR python3-urllib3-1.22-3.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed
BACK