Oval Definition:oval:org.opensuse.security:def:59358
Revision Date:2020-12-01Version:1
Title:Security update for ovmf (Moderate)
Description:

This update for ovmf fixes the following issues:

Security issues fixed:

- CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth (bsc#1094291). - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation (bsc#1163959). - CVE-2019-14559: Fixed a remotely exploitable memory leak in the ARP handling code (bsc#1163927). - CVE-2019-14575: Fixed an insufficient signature check in the DxeImageVerificationHandler (bsc#1163969).

Bug fixes:

- Only use SLES-UEFI-CA-Certificate-2048.crt for the SUSE flavor to provide the better compatibility. (bsc#1077330)
Family:unixClass:patch
Status:Reference(s):1061599
1077330
1080891
1082318
1088681
1092544
1094291
1107116
1107121
1107832
1108308
1110233
1112142
1112143
1112144
1112146
1112147
1112148
1112152
1112153
1117632
1130103
1133528
1137001
1141322
1158527
1159819
1163927
1163959
1163969
1167976
1168994
1172437
1173986
1174420
1174633
1174635
1174638
1175534
1175626
1175656
1176343
1176344
1176345
1176346
1176347
1176348
1176349
1176350
1176756
CVE-2010-2640
CVE-2010-2641
CVE-2010-2642
CVE-2010-2643
CVE-2016-6354
CVE-2017-8422
CVE-2018-0739
CVE-2018-13785
CVE-2018-14633
CVE-2018-16428
CVE-2018-16429
CVE-2018-16435
CVE-2018-16476
CVE-2018-17182
CVE-2018-2755
CVE-2018-2759
CVE-2018-2761
CVE-2018-2766
CVE-2018-2767
CVE-2018-2771
CVE-2018-2777
CVE-2018-2781
CVE-2018-2782
CVE-2018-2784
CVE-2018-2786
CVE-2018-2787
CVE-2018-2810
CVE-2018-2813
CVE-2018-2817
CVE-2018-2819
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3183
CVE-2018-3214
CVE-2019-11745
CVE-2019-12450
CVE-2019-14559
CVE-2019-14563
CVE-2019-14575
CVE-2019-17006
CVE-2019-3859
CVE-2020-10713
CVE-2020-10757
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-14364
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-25595
CVE-2020-25596
CVE-2020-25597
CVE-2020-25599
CVE-2020-25600
CVE-2020-25601
CVE-2020-25603
CVE-2020-25604
SUSE-SU-2018:1771-1
SUSE-SU-2018:3074-2
SUSE-SU-2019:0057-1
SUSE-SU-2019:0152-1
SUSE-SU-2019:1060-1
SUSE-SU-2019:1722-1
SUSE-SU-2020:0088-1
SUSE-SU-2020:0495-1
SUSE-SU-2020:2331-1
SUSE-SU-2020:2628-1
SUSE-SU-2020:2759-1
SUSE-SU-2020:2787-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ImageMagick-7.0.7.29-lp150.1 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-branding-upstream-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-buildsymbols-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-devel-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-translations-common-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-translations-other-60.8.0-lp151.2.10 is installed
  • OR libfreebl3-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-32bit-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-hmac-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-32bit-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-hmac-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-certs-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-devel-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-sysinit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-tools-3.44.1-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libecpg6-10.5-1.3 is installed
  • OR libpq5-10.5-1.3 is installed
  • OR libpq5-32bit-10.5-1.3 is installed
  • OR postgresql-init-10-17.20 is installed
  • OR postgresql10-10.5-1.3 is installed
  • OR postgresql10-contrib-10.5-1.3 is installed
  • OR postgresql10-docs-10.5-1.3 is installed
  • OR postgresql10-libs-10.5-1.3 is installed
  • OR postgresql10-server-10.5-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_92-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • ovmf-2015+git1462940744.321151f-19.10 is installed
  • OR ovmf-tools-2015+git1462940744.321151f-19.10 is installed
  • OR qemu-ovmf-x86_64-2015+git1462940744.321151f-19.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • evince-3.20.1-5 is installed
  • OR evince-browser-plugin-3.20.1-5 is installed
  • OR evince-lang-3.20.1-5 is installed
  • OR evince-plugin-djvudocument-3.20.1-5 is installed
  • OR evince-plugin-dvidocument-3.20.1-5 is installed
  • OR evince-plugin-pdfdocument-3.20.1-5 is installed
  • OR evince-plugin-psdocument-3.20.1-5 is installed
  • OR evince-plugin-tiffdocument-3.20.1-5 is installed
  • OR evince-plugin-xpsdocument-3.20.1-5 is installed
  • OR libevdocument3-4-3.20.1-5 is installed
  • OR libevview3-3-3.20.1-5 is installed
  • OR nautilus-evince-3.20.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • git-2.12.3-27.22 is installed
  • OR git-core-2.12.3-27.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • kernel-default-4.12.14-95.57 is installed
  • OR kernel-default-base-4.12.14-95.57 is installed
  • OR kernel-default-devel-4.12.14-95.57 is installed
  • OR kernel-default-man-4.12.14-95.57 is installed
  • OR kernel-devel-4.12.14-95.57 is installed
  • OR kernel-macros-4.12.14-95.57 is installed
  • OR kernel-source-4.12.14-95.57 is installed
  • OR kernel-syms-4.12.14-95.57 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libmariadb3-3.0.3-3.3 is installed
  • OR mariadb-10.2.15-4.3 is installed
  • OR mariadb-client-10.2.15-4.3 is installed
  • OR mariadb-connector-c-3.0.3-3.3 is installed
  • OR mariadb-errormessages-10.2.15-4.3 is installed
  • OR mariadb-galera-10.2.15-4.3 is installed
  • OR mariadb-tools-10.2.15-4.3 is installed
  • OR xtrabackup-2.4.10-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed
  • OR rubygem-activejob-4_2-4.2.9-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • libX11-1.6.2-12.12 is installed
  • OR libX11-6-1.6.2-12.12 is installed
  • OR libX11-6-32bit-1.6.2-12.12 is installed
  • OR libX11-data-1.6.2-12.12 is installed
  • OR libX11-xcb1-1.6.2-12.12 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.12 is installed
    • BACK