Oval Definition:oval:org.opensuse.security:def:59429
Revision Date:2020-12-01Version:1
Title:Security update for qemu (Moderate)
Description:

This update for qemu fixes the following security issues:

- CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket causing DoS (bsc#1098735) - CVE-2018-11806: Prevent heap-based buffer overflow via incoming fragmented datagrams (bsc#1096223)

With this release the mitigations for Spectre v4 are moved the the patches from upstream (CVE-2018-3639, bsc#1092885).
Family:unixClass:patch
Status:Reference(s):1002734
1041447
1041470
1042812
1042826
1043289
1049072
1050896
1091836
1092885
1096223
1097410
1098735
1106873
1109673
1119069
1119105
1128829
1128963
1132728
1132729
1132732
1132734
1134718
1149294
1149295
1149296
1149297
1149298
1149299
1149303
1149304
1149324
1152497
1153165
1154217
1154448
1154456
1154458
1154460
1154461
1154464
1155945
1157888
1158003
1158004
1158005
1158006
1158007
1163927
1168630
1174628
1175476
CVE-2013-2002
CVE-2013-2005
CVE-2013-6393
CVE-2014-2525
CVE-2014-9130
CVE-2016-1000031
CVE-2017-11403
CVE-2017-9263
CVE-2017-9265
CVE-2017-9439
CVE-2017-9440
CVE-2017-9501
CVE-2018-0495
CVE-2018-11806
CVE-2018-12207
CVE-2018-12384
CVE-2018-12404
CVE-2018-12405
CVE-2018-12617
CVE-2018-17407
CVE-2018-17466
CVE-2018-18492
CVE-2018-18493
CVE-2018-18494
CVE-2018-18498
CVE-2018-3639
CVE-2019-10245
CVE-2019-11135
CVE-2019-11740
CVE-2019-11742
CVE-2019-11743
CVE-2019-11744
CVE-2019-11746
CVE-2019-11752
CVE-2019-11753
CVE-2019-14559
CVE-2019-14562
CVE-2019-14853
CVE-2019-14859
CVE-2019-18420
CVE-2019-18421
CVE-2019-18422
CVE-2019-18423
CVE-2019-18424
CVE-2019-18425
CVE-2019-19577
CVE-2019-19578
CVE-2019-19579
CVE-2019-19580
CVE-2019-19581
CVE-2019-19582
CVE-2019-19583
CVE-2019-2602
CVE-2019-2684
CVE-2019-2697
CVE-2019-2698
CVE-2019-9812
CVE-2020-14344
CVE-2020-6819
CVE-2020-6820
SUSE-SU-2017:2199-1
SUSE-SU-2017:2212-1
SUSE-SU-2018:2973-2
SUSE-SU-2018:3033-2
SUSE-SU-2018:4236-1
SUSE-SU-2019:1644-1
SUSE-SU-2019:2436-1
SUSE-SU-2019:3024-1
SUSE-SU-2019:3297-1
SUSE-SU-2020:0928-1
SUSE-SU-2020:2117-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gnome-settings-daemon-3.26.2-lp150.5 is installed
  • OR gnome-settings-daemon-lang-3.26.2-lp150.5 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • nodejs10-10.16.3-lp151.2.6 is installed
  • OR nodejs10-devel-10.16.3-lp151.2.6 is installed
  • OR nodejs10-docs-10.16.3-lp151.2.6 is installed
  • OR npm10-10.16.3-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • qemu-2.6.2-41.43 is installed
  • OR qemu-block-curl-2.6.2-41.43 is installed
  • OR qemu-block-rbd-2.6.2-41.43 is installed
  • OR qemu-block-ssh-2.6.2-41.43 is installed
  • OR qemu-guest-agent-2.6.2-41.43 is installed
  • OR qemu-ipxe-1.0.0-41.43 is installed
  • OR qemu-kvm-2.6.2-41.43 is installed
  • OR qemu-lang-2.6.2-41.43 is installed
  • OR qemu-seabios-1.9.1-41.43 is installed
  • OR qemu-sgabios-8-41.43 is installed
  • OR qemu-tools-2.6.2-41.43 is installed
  • OR qemu-vgabios-1.9.1-41.43 is installed
  • OR qemu-x86-2.6.2-41.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libXt6-1.1.4-3 is installed
  • OR libXt6-32bit-1.1.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND openvswitch-2.7.6-3.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND dosfstools-3.0.26-6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-ecdsa-0.13.3-5.10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • tomcat-9.0.36-3.42 is installed
  • OR tomcat-admin-webapps-9.0.36-3.42 is installed
  • OR tomcat-docs-webapp-9.0.36-3.42 is installed
  • OR tomcat-el-3_0-api-9.0.36-3.42 is installed
  • OR tomcat-javadoc-9.0.36-3.42 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-3.42 is installed
  • OR tomcat-lib-9.0.36-3.42 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-3.42 is installed
  • OR tomcat-webapps-9.0.36-3.42 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • xen-4.9.4_06-3.59 is installed
  • OR xen-doc-html-4.9.4_06-3.59 is installed
  • OR xen-libs-4.9.4_06-3.59 is installed
  • OR xen-libs-32bit-4.9.4_06-3.59 is installed
  • OR xen-tools-4.9.4_06-3.59 is installed
  • OR xen-tools-domU-4.9.4_06-3.59 is installed
    • BACK