OVAL Reference oval:org.opensuse.security:def:59857

Oval Definition:

oval:org.opensuse.security:def:59857

Revision Date:	2021-03-02	Version:	1
Title:	Security update for grub2 (Important)
Description:	This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
Family:	unix	Class:	patch
Status:		Reference(s):	1000396 1001299 1027519 1052916 1086247 1104129 1106383 1111331 1112852 1119553 1119554 1119555 1119556 1119557 1119558 1119947 1120095 1126068 1126069 1130680 1133185 1133495 1135902 1137443 1139459 1140402 1143794 1144903 1151377 1151506 1153108 1153158 1153161 1154043 1155574 1155787 1156482 1159814 1160968 1162108 1169511 1171352 1172277 1175970 1176711 1177883 1178512 1179264 1179265 1182057 1182262 1182263 CVE-2008-4316 CVE-2012-3524 CVE-2016-0634 CVE-2016-7543 CVE-2017-2518 CVE-2017-2885 CVE-2018-12126 CVE-2018-12126 CVE-2018-12127 CVE-2018-12127 CVE-2018-12130 CVE-2018-12130 CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-16884 CVE-2018-20815 CVE-2018-4437 CVE-2018-4438 CVE-2018-4441 CVE-2018-4442 CVE-2018-4443 CVE-2018-4464 CVE-2018-5740 CVE-2018-5743 CVE-2018-5745 CVE-2019-10220 CVE-2019-11091 CVE-2019-11091 CVE-2019-12155 CVE-2019-12735 CVE-2019-13164 CVE-2019-14378 CVE-2019-17133 CVE-2019-2949 CVE-2019-6465 CVE-2020-14372 CVE-2020-1712 CVE-2020-25632 CVE-2020-25647 CVE-2020-2654 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-27749 CVE-2020-27779 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-28196 CVE-2020-2830 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2017:2129-1 SUSE-SU-2018:3749-1 SUSE-SU-2019:0146-1 SUSE-SU-2019:1456-1 SUSE-SU-2019:1954-1 SUSE-SU-2019:3050-1 SUSE-SU-2020:0331-1 SUSE-SU-2021:0681-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND less-530-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND system-user-root-20190513-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information bash-4.3-83.10 is installed OR bash-doc-4.3-83.10 is installed OR libreadline6-6.3-83.10 is installed OR libreadline6-32bit-6.3-83.10 is installed OR readline-doc-6.3-83.10 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information glib2-lang-2.48.2-10 is installed OR glib2-tools-2.48.2-10 is installed OR libgio-2_0-0-2.48.2-10 is installed OR libgio-2_0-0-32bit-2.48.2-10 is installed OR libglib-2_0-0-2.48.2-10 is installed OR libglib-2_0-0-32bit-2.48.2-10 is installed OR libgmodule-2_0-0-2.48.2-10 is installed OR libgmodule-2_0-0-32bit-2.48.2-10 is installed OR libgobject-2_0-0-2.48.2-10 is installed OR libgobject-2_0-0-32bit-2.48.2-10 is installed OR libgthread-2_0-0-2.48.2-10 is installed OR libgthread-2_0-0-32bit-2.48.2-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND shim-15+git47-25.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_156-94_64-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mutt-1.10.1-55.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information augeas-1.2.0-17.3 is installed OR augeas-lenses-1.2.0-17.3 is installed OR libaugeas0-1.2.0-17.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information grub2-2.02-12.47.1 is installed OR grub2-arm64-efi-2.02-12.47.1 is installed OR grub2-i386-pc-2.02-12.47.1 is installed OR grub2-powerpc-ieee1275-2.02-12.47.1 is installed OR grub2-s390x-emu-2.02-12.47.1 is installed OR grub2-snapper-plugin-2.02-12.47.1 is installed OR grub2-systemd-sleep-plugin-2.02-12.47.1 is installed OR grub2-x86_64-efi-2.02-12.47.1 is installed OR grub2-x86_64-xen-2.02-12.47.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libsqlite3-0-3.8.10.2-9.15 is installed OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed OR sqlite3-3.8.10.2-9.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information tomcat-9.0.36-3.42 is installed OR tomcat-admin-webapps-9.0.36-3.42 is installed OR tomcat-docs-webapp-9.0.36-3.42 is installed OR tomcat-el-3_0-api-9.0.36-3.42 is installed OR tomcat-javadoc-9.0.36-3.42 is installed OR tomcat-jsp-2_3-api-9.0.36-3.42 is installed OR tomcat-lib-9.0.36-3.42 is installed OR tomcat-servlet-4_0-api-9.0.36-3.42 is installed OR tomcat-webapps-9.0.36-3.42 is installed

BACK