Oval Definition:	oval:org.opensuse.security:def:59680
Revision Date: 2020-12-01 Version: 1 Title: Security update for shim (Moderate) Description: This update for shim fixes the following issues: - Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994) This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by disallowing binaries signed by the previous SUSE UEFI signing key from booting. This update should only be installed after updates of grub2, the Linux kernel and (if used) Xen from July / August 2020 are applied. Additional fixes: + shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656) Family: unix Class: patch Status: Reference(s): 1005778 1005780 1005781 1006166 1012382 1012917 1015342 1015343 1019784 1022476 1022595 1022912 1024296 1024376 1031395 1031492 1031717 1037838 1038078 1038085 1040182 1043652 1048325 1048367 1048585 1053472 1060279 1062129 1065000 1066163 1066223 1068032 1068038 1068310 1068569 1068984 1069138 1069160 1069509 1070052 1070799 1072163 1072484 1073229 1073928 1074134 1074488 1074621 1074709 1074839 1074847 1075066 1075078 1075087 1075091 1075397 1075428 1075617 1075621 1075627 1075811 1075994 1076017 1076110 1076187 1076232 1076805 1076847 1076872 1076899 1077068 1077560 1077592 1077704 1077871 1077993 1078002 1078681 1078806 1078813 1087066 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1090638 1093414 1104076 1109663 1109847 1111056 1112209 1113534 1113652 1113742 1119947 1138459 1140868 1150734 1152497 1154448 1154456 1154458 1154461 1155945 1157198 1157888 1158003 1158004 1158005 1158006 1158007 1161181 1162002 1168994 1170383 1171189 1171191 1171220 1171732 1171988 1172049 1172453 1172458 1172775 1172781 1172782 1172783 1172999 1173274 1174115 1174462 1174543 1175626 1175656 963844 966170 966172 973818 985025 CVE-2008-1483 CVE-2016-2851 CVE-2016-5131 CVE-2017-15129 CVE-2017-15412 CVE-2017-15906 CVE-2017-17712 CVE-2017-17833 CVE-2017-17862 CVE-2017-17864 CVE-2017-18017 CVE-2017-5130 CVE-2017-5715 CVE-2018-0734 CVE-2018-1000004 CVE-2018-1000802 CVE-2018-12207 CVE-2018-12472 CVE-2018-14647 CVE-2018-16884 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-5332 CVE-2018-5333 CVE-2018-5407 CVE-2019-10160 CVE-2019-11135 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-18420 CVE-2019-18421 CVE-2019-18424 CVE-2019-18425 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19583 CVE-2019-20810 CVE-2019-20812 CVE-2019-3688 CVE-2019-3690 CVE-2019-9811 CVE-2020-0305 CVE-2020-10135 CVE-2020-10711 CVE-2020-10713 CVE-2020-10732 CVE-2020-10751 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-12771 CVE-2020-13974 CVE-2020-14416 CVE-2020-14422 CVE-2020-7211 SUSE-SU-2017:3230-1 SUSE-SU-2018:0383-1 SUSE-SU-2018:0401-1 SUSE-SU-2018:3467-1 SUSE-SU-2019:2053-1 SUSE-SU-2019:3180-1 SUSE-SU-2020:0334-1 SUSE-SU-2020:1939-1 SUSE-SU-2020:2628-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND tftp-5.2-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information qbittorrent-4.1.5-lp151.2.3 is installed OR qbittorrent-nox-4.1.5-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND shim-15+git47-22.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libotr5-4.0.0-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND dstat-0.7.3-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND permissions-2015.09.28.1626-17.20 is installed
BACK