OVAL Reference oval:org.opensuse.security:def:59235

Oval Definition:

oval:org.opensuse.security:def:59235

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ucode-intel (Moderate)
Description:	This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466) This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). - CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack' attacks. (bsc#1156353) Microcode Table: Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ HSW C0 6-3c-3/32 00000027->00000028 Core Gen4 BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5 HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4 HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4 BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5 SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2 CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2 SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5 AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6 CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8 CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9 CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile Also contains the Intel CPU Microcode update to 20200520: Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1082318 1084878 1088004 1088009 1092548 1117665 1122292 1122299 1126230 1128828 1130840 1131107 1133140 1135966 1135967 1136082 1136261 1137865 1138954 1139073 1140671 1141013 1141035 1141054 1141322 1141780 1141782 1141783 1141785 1141787 1141789 1141853 1142458 1142614 1143187 1144123 1144327 1144379 1144524 1144903 1145477 1146042 1146163 1146285 1146361 1146378 1146391 1146413 1146425 1146512 1146514 1146516 1146519 1146524 1146526 1146529 1146540 1146543 1146547 1146550 1146584 1146589 1147021 1147022 1147122 1148394 1148938 1149083 1149376 1149522 1149527 1149555 1149612 1149955 1150025 1150112 1150452 1150457 1150465 1150584 1150727 1150942 1151347 1151350 1152685 1152711 1152782 1152788 1153108 1153158 1153161 1153238 1153263 1153471 1154043 1154103 1154372 1154824 1155131 1155671 1155789 1155952 1155988 1156353 1157607 1157860 1158527 1159819 1161096 1162423 1162553 1166847 1171670 1171921 1171960 1171961 1171963 1172466 1173274 1173580 1174091 1174701 1175193 1175194 1176410 1177143 1178666 1178667 1178668 CVE-2014-3430 CVE-2016-10906 CVE-2016-4983 CVE-2016-5104 CVE-2017-18379 CVE-2017-18509 CVE-2017-18551 CVE-2017-18595 CVE-2017-2669 CVE-2017-6967 CVE-2018-11212 CVE-2018-12207 CVE-2018-14647 CVE-2018-20852 CVE-2018-20976 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5174 CVE-2018-5178 CVE-2018-5183 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-10220 CVE-2019-11135 CVE-2019-11139 CVE-2019-11745 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-13272 CVE-2019-13456 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-15098 CVE-2019-15211 CVE-2019-15212 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15239 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505 CVE-2019-15666 CVE-2019-15807 CVE-2019-15902 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-16056 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-16935 CVE-2019-16995 CVE-2019-17006 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17133 CVE-2019-17185 CVE-2019-17666 CVE-2019-20907 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-4473 CVE-2019-7317 CVE-2019-9456 CVE-2019-9506 CVE-2019-9893 CVE-2019-9947 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10753 CVE-2020-14349 CVE-2020-14350 CVE-2020-14422 CVE-2020-25219 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-26154 CVE-2020-4044 SUSE-SU-2018:1334-2 SUSE-SU-2019:2371-1 SUSE-SU-2019:2941-1 SUSE-SU-2019:2949-1 SUSE-SU-2019:2959-1 SUSE-SU-2020:0088-1 SUSE-SU-2020:1595-1 SUSE-SU-2020:1748-1 SUSE-SU-2020:1943-1 SUSE-SU-2020:2391-1 SUSE-SU-2020:2900-1 SUSE-SU-2020:3464-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information liblouis-data-3.3.0-lp150.2 is installed OR liblouis14-3.3.0-lp150.2 is installed OR python3-louis-3.3.0-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information aubio-0.4.6-lp151.6.7 is installed OR aubio-tools-0.4.6-lp151.6.7 is installed OR libaubio-devel-0.4.6-lp151.6.7 is installed OR libaubio5-0.4.6-lp151.6.7 is installed OR libaubio5-32bit-0.4.6-lp151.6.7 is installed OR python-aubio-0.4.6-lp151.6.7 is installed OR python2-aubio-0.4.6-lp151.6.7 is installed OR python3-aubio-0.4.6-lp151.6.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.0esr-109.31 is installed OR MozillaFirefox-devel-52.8.0esr-109.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_101-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_27-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20200602-13.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dovecot22-2.2.30.2-14 is installed OR dovecot22-backend-mysql-2.2.30.2-14 is installed OR dovecot22-backend-pgsql-2.2.30.2-14 is installed OR dovecot22-backend-sqlite-2.2.30.2-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND permissions-2015.09.28.1626-17.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND ucode-intel-20180807-13.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information ceph-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librados2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librbd1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librgw2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rados-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information xorg-x11-server-1.19.6-4.8 is installed OR xorg-x11-server-extra-1.19.6-4.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1566321308.1de18b9a4-3.7 is installed OR crowbar-core-branding-upstream-6.0+git.1566321308.1de18b9a4-3.7 is installed OR crowbar-ha-6.0+git.1566406179.7549de2-3.7 is installed OR crowbar-openstack-6.0+git.1566404979.41279a88e-3.7 is installed OR crowbar-ui-1.3.0+git.1563181545.65360af5-8 is installed OR openstack-ceilometer-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-central-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev14-3.7 is installed OR openstack-ceilometer-polling-11.0.2~dev14-3.7 is installed OR openstack-cinder-13.0.7~dev3-3.7 is installed OR openstack-cinder-api-13.0.7~dev3-3.7 is installed OR openstack-cinder-backup-13.0.7~dev3-3.7 is installed OR openstack-cinder-scheduler-13.0.7~dev3-3.7 is installed OR openstack-cinder-volume-13.0.7~dev3-3.7 is installed OR openstack-designate-7.0.1~dev21-3.7 is installed OR openstack-designate-agent-7.0.1~dev21-3.7 is installed OR openstack-designate-api-7.0.1~dev21-3.7 is installed OR openstack-designate-central-7.0.1~dev21-3.7 is installed OR openstack-designate-producer-7.0.1~dev21-3.7 is installed OR openstack-designate-sink-7.0.1~dev21-3.7 is installed OR openstack-designate-worker-7.0.1~dev21-3.7 is installed OR openstack-heat-11.0.3~dev19-3.7 is installed OR openstack-heat-api-11.0.3~dev19-3.7 is installed OR openstack-heat-api-cfn-11.0.3~dev19-3.7 is installed OR openstack-heat-engine-11.0.3~dev19-3.7 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev19-3.7 is installed OR openstack-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR openstack-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR openstack-ironic-11.1.4~dev9-3.7 is installed OR openstack-ironic-api-11.1.4~dev9-3.7 is installed OR openstack-ironic-conductor-11.1.4~dev9-3.7 is installed OR openstack-ironic-python-agent-3.3.3~dev4-3.7 is installed OR openstack-keystone-14.1.1~dev8-3.7 is installed OR openstack-magnum-7.1.1~dev28-3.7 is installed OR openstack-magnum-api-7.1.1~dev28-3.7 is installed OR openstack-magnum-conductor-7.1.1~dev28-3.7 is installed OR openstack-manila-7.3.1~dev3-4.7 is installed OR openstack-manila-api-7.3.1~dev3-4.7 is installed OR openstack-manila-data-7.3.1~dev3-4.7 is installed OR openstack-manila-scheduler-7.3.1~dev3-4.7 is installed OR openstack-manila-share-7.3.1~dev3-4.7 is installed OR openstack-monasca-notification-1.14.2~dev1-6.7 is installed OR openstack-monasca-persister-1.12.1~dev9-9 is installed OR openstack-monasca-persister-java-1.12.1~dev9-9 is installed OR openstack-neutron-13.0.5~dev22-3.7 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-gbp-5.0.1~dev459-3.7 is installed OR openstack-neutron-ha-tool-13.0.5~dev22-3.7 is installed OR openstack-neutron-l3-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-lbaas-13.0.1~dev14-3.7 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev14-3.7 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metadata-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-metering-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev22-3.7 is installed OR openstack-neutron-server-13.0.5~dev22-3.7 is installed OR openstack-nova-18.2.2~dev9-3.7 is installed OR openstack-nova-api-18.2.2~dev9-3.7 is installed OR openstack-nova-cells-18.2.2~dev9-3.7 is installed OR openstack-nova-compute-18.2.2~dev9-3.7 is installed OR openstack-nova-conductor-18.2.2~dev9-3.7 is installed OR openstack-nova-console-18.2.2~dev9-3.7 is installed OR openstack-nova-novncproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-placement-api-18.2.2~dev9-3.7 is installed OR openstack-nova-scheduler-18.2.2~dev9-3.7 is installed OR openstack-nova-serialproxy-18.2.2~dev9-3.7 is installed OR openstack-nova-vncproxy-18.2.2~dev9-3.7 is installed OR openstack-octavia-3.1.2~dev8-3.7 is installed OR openstack-octavia-amphora-agent-3.1.2~dev8-3.7 is installed OR openstack-octavia-api-3.1.2~dev8-3.7 is installed OR openstack-octavia-health-manager-3.1.2~dev8-3.7 is installed OR openstack-octavia-housekeeping-3.1.2~dev8-3.7 is installed OR openstack-octavia-worker-3.1.2~dev8-3.7 is installed OR openstack-tempest-19.0.0-12 is installed OR openstack-tempest-test-19.0.0-12 is installed OR python-ceilometer-11.0.2~dev14-3.7 is installed OR python-cinder-13.0.7~dev3-3.7 is installed OR python-cinder-tempest-plugin-0.1.0-8 is installed OR python-designate-7.0.1~dev21-3.7 is installed OR python-heat-11.0.3~dev19-3.7 is installed OR python-horizon-plugin-neutron-fwaas-ui-1.5.1~dev6-8 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev7-8 is installed OR python-horizon-plugin-neutron-vpnaas-ui-1.4.1~dev7-8 is installed OR python-ironic-11.1.4~dev9-3.7 is installed OR python-ironicclient-2.5.3-4.7 is installed OR python-ironicclient-doc-2.5.3-4.7 is installed OR python-keystone-14.1.1~dev8-3.7 is installed OR python-keystonemiddleware-5.2.0-8 is installed OR python-magnum-7.1.1~dev28-3.7 is installed OR python-manila-7.3.1~dev3-4.7 is installed OR python-monasca-notification-1.14.2~dev1-6.7 is installed OR python-monasca-persister-1.12.1~dev9-9 is installed OR python-monasca-tempest-plugin-0.3.0-8 is installed OR python-neutron-13.0.5~dev22-3.7 is installed OR python-neutron-gbp-5.0.1~dev459-3.7 is installed OR python-neutron-lbaas-13.0.1~dev14-3.7 is installed OR python-nova-18.2.2~dev9-3.7 is installed OR python-octavia-3.1.2~dev8-3.7 is installed OR python-openstackclient-3.16.2-8 is installed OR python-openstacksdk-0.17.3-8 is installed OR python-proliantutils-2.8.4-8 is installed OR python-tempest-19.0.0-12 is installed OR python-vmware-nsx-13.0.1~dev146-9 is installed OR python-vmware-nsxlib-13.0.1~dev24-8 is installed OR yast2-crowbar-3.4.2-8 is installed

BACK