Oval Definition:oval:org.opensuse.security:def:60117
Revision Date:2020-12-01Version:1
Title:Security update for grub2 (Important)
Description:

This update for grub2 fixes the following issues:

- Fix for CVE-2020-10713 (bsc#1168994) - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) - Fix for CVE-2020-15706 (bsc#1174463) - Fix for CVE-2020-15707 (bsc#1174570)

- Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use gcc-9 compiler for overflow check builtins - Backport gcc-9 build fixes - Fix packed-not-aligned error on GCC 8 (bsc#1084632) - Backport gcc-7 build fixes
Family:unixClass:patch
Status:Reference(s):1068689
1077993
1078806
1078813
1083630
1084632
1114592
1135254
1140738
1141329
1141332
1141897
1142649
1142654
1145604
1148517
1149145
1151021
1160467
1160468
1166751
1168994
1173812
1173991
1174284
1174463
1174570
1174628
1175686
CVE-2010-2252
CVE-2012-4425
CVE-2012-4929
CVE-2013-1983
CVE-2013-6473
CVE-2013-6474
CVE-2013-6475
CVE-2013-6476
CVE-2014-2707
CVE-2014-2977
CVE-2014-2978
CVE-2014-4336
CVE-2014-4337
CVE-2014-4338
CVE-2014-4877
CVE-2015-2059
CVE-2015-2265
CVE-2015-3258
CVE-2015-3279
CVE-2015-8327
CVE-2015-8560
CVE-2016-4971
CVE-2016-5131
CVE-2016-7098
CVE-2016-7944
CVE-2017-12627
CVE-2017-15412
CVE-2017-16852
CVE-2017-18379
CVE-2017-5130
CVE-2017-6508
CVE-2019-12525
CVE-2019-12529
CVE-2019-13345
CVE-2019-14250
CVE-2019-14835
CVE-2019-14896
CVE-2019-14897
CVE-2019-15847
CVE-2020-0556
CVE-2020-10713
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-14344
CVE-2020-15663
CVE-2020-15664
CVE-2020-15670
CVE-2020-15706
CVE-2020-15707
SUSE-SU-2017:3215-1
SUSE-SU-2018:0401-1
SUSE-SU-2019:2089-2
SUSE-SU-2020:0394-1
SUSE-SU-2020:2196-1
SUSE-SU-2020:2225-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libwireshark9-2.4.11-lp150.2.16 is installed
  • OR libwiretap7-2.4.11-lp150.2.16 is installed
  • OR libwscodecs1-2.4.11-lp150.2.16 is installed
  • OR libwsutil8-2.4.11-lp150.2.16 is installed
  • OR wireshark-2.4.11-lp150.2.16 is installed
  • OR wireshark-devel-2.4.11-lp150.2.16 is installed
  • OR wireshark-ui-qt-2.4.11-lp150.2.16 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • httpie-1.0.3-lp151.2.3 is installed
  • OR python3-httpie-1.0.3-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • grub2-2.02~beta2-115.49 is installed
  • OR grub2-i386-pc-2.02~beta2-115.49 is installed
  • OR grub2-snapper-plugin-2.02~beta2-115.49 is installed
  • OR grub2-systemd-sleep-plugin-2.02~beta2-115.49 is installed
  • OR grub2-x86_64-efi-2.02~beta2-115.49 is installed
  • OR grub2-x86_64-xen-2.02~beta2-115.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND ucode-intel-20200602-13.68 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpolkit0-0.113-5.12 is installed
  • OR polkit-0.113-5.12 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_nss-1.0.14-19.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.70-38.56 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.70-38.56 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND squid-3.5.21-26.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • kernel-default-4.12.14-95.57 is installed
  • OR kernel-default-base-4.12.14-95.57 is installed
  • OR kernel-default-devel-4.12.14-95.57 is installed
  • OR kernel-devel-4.12.14-95.57 is installed
  • OR kernel-macros-4.12.14-95.57 is installed
  • OR kernel-source-4.12.14-95.57 is installed
  • OR kernel-syms-4.12.14-95.57 is installed
    • BACK