OVAL Reference oval:org.opensuse.security:def:59347 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:59347

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ucode-intel (Moderate)
Description:	This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. (bsc#1178971) - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389 (bsc#1170446) - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594) - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592) - Release notes: - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html). - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html). - Update for functional issues. Refer to [Second Generation Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel? Xeon? Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel? Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel? Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel? Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel? Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel? Xeon? E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel? Xeon? E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. ### New Platforms \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CPX-SP \| A1 \| 06-55-0b/bf \| \| 0700001e \| Xeon Scalable Gen3 \| LKF \| B2/B3 \| 06-8a-01/10 \| \| 00000028 \| Core w/Hybrid Technology \| TGL \| B1 \| 06-8c-01/80 \| \| 00000068 \| Core Gen11 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| \| 000000e0 \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| \| 000000e0 \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| \| 000000e0 \| Core Gen10 \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| \| 000000e0 \| Core Gen10 Mobile ### Updated Platforms \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000043 \| 00000044 \| Core Gen4 X series; Xeon E5 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000d6 \| 000000e2 \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000d6 \| 000000e2 \| Core Gen6 Mobile \| SKX-SP \| B1 \| 06-55-03/97 \| 01000157 \| 01000159 \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006906 \| 02006a08 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006906 \| 02006a08 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04002f01 \| 04003003 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05002f01 \| 05003003 \| Xeon Scalable Gen2 \| APL \| D0 \| 06-5c-09/03 \| 00000038 \| 00000040 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 00000016 \| 0000001e \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000d6 \| 000000e2 \| Core Gen6; Xeon E3 v5 \| GKL-R \| R0 \| 06-7a-08/01 \| 00000016 \| 00000018 \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 00000078 \| 000000a0 \| Core Gen10 Mobile \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000d6 \| 000000de \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000d6 \| 000000de \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000d6 \| 000000e0 \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000d6 \| 000000de \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000d6 \| 000000de \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000d6 \| 000000de \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000d6 \| 000000de \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000d6 \| 000000de \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000d6 \| 000000de \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000d6 \| 000000de \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000d6 \| 000000de \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000d6 \| 000000de \| Core Gen9 Mobile \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000ca \| 000000e0 \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1047002 1072947 1078662 1080740 1084300 1086774 1086775 1086813 1086814 1086817 1086820 1090336 1090849 1094301 1094448 1095603 1096985 1097847 1101366 1101776 1101777 1101786 1101788 1101791 1101794 1101800 1101802 1101804 1101810 1105437 1105459 1105460 1106514 1132665 1137443 1144524 1160968 1164860 1166238 1166847 1169511 1170446 1173144 1173592 1173594 1174117 1178971 CVE-2009-1892 CVE-2010-2156 CVE-2010-3611 CVE-2010-3616 CVE-2011-0413 CVE-2011-0997 CVE-2011-2748 CVE-2011-2749 CVE-2011-2895 CVE-2011-4539 CVE-2011-4868 CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 CVE-2012-3955 CVE-2013-2266 CVE-2014-9654 CVE-2015-8605 CVE-2017-10790 CVE-2017-15710 CVE-2017-15715 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 CVE-2018-12099 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369 CVE-2018-14370 CVE-2018-16056 CVE-2018-16057 CVE-2018-16058 CVE-2018-3817 CVE-2018-7738 CVE-2019-12735 CVE-2019-13456 CVE-2019-17185 CVE-2019-20503 CVE-2020-13935 CVE-2020-1935 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-8163 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 SUSE-SU-2018:1161-2 SUSE-SU-2018:2317-1 SUSE-SU-2018:2825-2 SUSE-SU-2019:0390-1 SUSE-SU-2019:1456-1 SUSE-SU-2020:0261-1 SUSE-SU-2020:0717-1 SUSE-SU-2020:2140-1 SUSE-SU-2020:2391-1 SUSE-SU-2020:2611-1 SUSE-SU-2020:3514-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND python3-libxml2-python-2.9.7-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.2-lp151.2.3 is installed OR libjavascriptcoregtk-4_0-18-32bit-2.24.2-lp151.2.3 is installed OR libwebkit2gtk-4_0-37-2.24.2-lp151.2.3 is installed OR libwebkit2gtk-4_0-37-32bit-2.24.2-lp151.2.3 is installed OR libwebkit2gtk3-lang-2.24.2-lp151.2.3 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.2-lp151.2.3 is installed OR typelib-1_0-WebKit2-4_0-2.24.2-lp151.2.3 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.24.2-lp151.2.3 is installed OR webkit-jsc-4-2.24.2-lp151.2.3 is installed OR webkit2gtk-4_0-injected-bundles-2.24.2-lp151.2.3 is installed OR webkit2gtk3-2.24.2-lp151.2.3 is installed OR webkit2gtk3-devel-2.24.2-lp151.2.3 is installed OR webkit2gtk3-minibrowser-2.24.2-lp151.2.3 is installed OR webkit2gtk3-plugin-process-gtk2-2.24.2-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20201118-13.81 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dhcp-4.3.3-9 is installed OR dhcp-client-4.3.3-9 is installed OR dhcp-relay-4.3.3-9 is installed OR dhcp-server-4.3.3-9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information tomcat-9.0.36-3.42 is installed OR tomcat-admin-webapps-9.0.36-3.42 is installed OR tomcat-docs-webapp-9.0.36-3.42 is installed OR tomcat-el-3_0-api-9.0.36-3.42 is installed OR tomcat-javadoc-9.0.36-3.42 is installed OR tomcat-jsp-2_3-api-9.0.36-3.42 is installed OR tomcat-lib-9.0.36-3.42 is installed OR tomcat-servlet-4_0-api-9.0.36-3.42 is installed OR tomcat-webapps-9.0.36-3.42 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed