Oval Definition:oval:org.opensuse.security:def:59269
Revision Date:2020-12-01Version:1
Title:Security update for grub2 (Important)
Description:

This update for grub2 fixes the following issues:

- Fix for CVE-2020-10713 (bsc#1168994) - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) - Fix for CVE-2020-15706 (bsc#1174463) - Fix for CVE-2020-15707 (bsc#1174570)

- Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use gcc-9 compiler for overflow check builtins - Backport gcc-9 build fixes - Fix packed-not-aligned error on GCC 8 (bsc#1084632) - Backport gcc-7 build fixes
Family:unixClass:patch
Status:Reference(s):1082828
1084632
1091236
1093414
1106383
1119947
1120943
1128471
1128472
1128474
1128476
1128480
1128481
1128490
1128492
1128493
1133495
1137443
1139459
1150734
1151377
1151506
1154043
1155574
1156482
1157198
1159814
1159913
1160770
1162108
1165631
1168994
1170643
1170771
1173659
1173812
1173942
1174247
1174463
1174570
1174633
1174635
1174638
1175194
1178666
1178667
1178668
CVE-2011-3172
CVE-2016-9445
CVE-2016-9446
CVE-2016-9809
CVE-2016-9812
CVE-2016-9813
CVE-2017-15130
CVE-2017-5843
CVE-2017-5848
CVE-2018-16884
CVE-2018-20030
CVE-2019-12735
CVE-2019-16746
CVE-2019-3688
CVE-2019-3690
CVE-2019-3855
CVE-2019-3856
CVE-2019-3857
CVE-2019-3858
CVE-2019-3859
CVE-2019-3860
CVE-2019-3861
CVE-2019-3862
CVE-2019-3863
CVE-2019-5108
CVE-2019-9278
CVE-2020-10713
CVE-2020-11668
CVE-2020-12243
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-14331
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-14350
CVE-2020-15706
CVE-2020-15707
CVE-2020-1712
CVE-2020-1749
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
CVE-2020-3899
SUSE-SU-2018:2632-2
SUSE-SU-2019:0655-1
SUSE-SU-2019:1456-1
SUSE-SU-2019:3180-1
SUSE-SU-2020:0331-1
SUSE-SU-2020:1193-1
SUSE-SU-2020:1211-1
SUSE-SU-2020:2076-1
SUSE-SU-2020:2331-1
SUSE-SU-2020:2502-1
SUSE-SU-2020:3477-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libpurple-2.13.0-lp150.3 is installed
  • OR libpurple-lang-2.13.0-lp150.3 is installed
  • OR libpurple-tcl-2.13.0-lp150.3 is installed
  • OR pidgin-2.13.0-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • sudo-1.8.22-lp151.5.6 is installed
  • OR sudo-devel-1.8.22-lp151.5.6 is installed
  • OR sudo-test-1.8.22-lp151.5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • grub2-2.02~beta2-115.49 is installed
  • OR grub2-i386-pc-2.02~beta2-115.49 is installed
  • OR grub2-powerpc-ieee1275-2.02~beta2-115.49 is installed
  • OR grub2-s390x-emu-2.02~beta2-115.49 is installed
  • OR grub2-snapper-plugin-2.02~beta2-115.49 is installed
  • OR grub2-systemd-sleep-plugin-2.02~beta2-115.49 is installed
  • OR grub2-x86_64-efi-2.02~beta2-115.49 is installed
  • OR grub2-x86_64-xen-2.02~beta2-115.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gstreamer-plugins-bad-1.8.3-17 is installed
  • OR gstreamer-plugins-bad-lang-1.8.3-17 is installed
  • OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed
  • OR libgstbadaudio-1_0-0-1.8.3-17 is installed
  • OR libgstbadbase-1_0-0-1.8.3-17 is installed
  • OR libgstbadvideo-1_0-0-1.8.3-17 is installed
  • OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed
  • OR libgstcodecparsers-1_0-0-1.8.3-17 is installed
  • OR libgstgl-1_0-0-1.8.3-17 is installed
  • OR libgstmpegts-1_0-0-1.8.3-17 is installed
  • OR libgstphotography-1_0-0-1.8.3-17 is installed
  • OR libgsturidownloader-1_0-0-1.8.3-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed
  • OR webkit2gtk3-2.28.1-2.50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • apache2-2.4.23-29.54 is installed
  • OR apache2-doc-2.4.23-29.54 is installed
  • OR apache2-example-pages-2.4.23-29.54 is installed
  • OR apache2-prefork-2.4.23-29.54 is installed
  • OR apache2-utils-2.4.23-29.54 is installed
  • OR apache2-worker-2.4.23-29.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libXtst6-1.2.2-7 is installed
  • OR libXtst6-32bit-1.2.2-7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • xorg-x11-server-7.6_1.18.3-76.26 is installed
  • OR xorg-x11-server-extra-7.6_1.18.3-76.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND permissions-2015.09.28.1626-17.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND squid-3.5.21-26.29 is installed
    • BACK