OVAL Reference oval:org.opensuse.security:def:60467

Oval Definition:

oval:org.opensuse.security:def:60467

Revision Date:	2021-03-02	Version:	1
Title:	Security update for grub2 (Important)
Description:	This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. (bsc#1182057) Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize() (bsc#1177883) - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline (bsc#1179264) - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode (bsc#1179265 bsc#1175970) - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser (bsc#1182262) - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting (bsc#1182263)
Family:	unix	Class:	patch
Status:		Reference(s):	1013721 1013877 1026652 1043983 1048072 1055265 1056286 1056782 1057342 1058754 1058755 1058757 1062452 1069607 1069632 1073002 1077003 1077006 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1087433 1087434 1087436 1087437 1087440 1087441 1092540 1112530 1112532 1112758 1124593 1130611 1130617 1130620 1130622 1130623 1130627 1131886 1135170 1137832 1144903 1152990 1152992 1152994 1152995 1153108 1153158 1153161 1154328 1154824 1156317 1156321 1156331 1156353 1157770 1171517 1172275 1172466 1175970 1176711 1177883 1179264 1179265 1182057 1182262 1182263 CVE-2009-0790 CVE-2010-2242 CVE-2011-1146 CVE-2011-2489 CVE-2011-2490 CVE-2011-2511 CVE-2011-4600 CVE-2012-2388 CVE-2012-3445 CVE-2013-0170 CVE-2013-1962 CVE-2013-2218 CVE-2013-2230 CVE-2013-2944 CVE-2013-4153 CVE-2013-4154 CVE-2013-4239 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-5018 CVE-2013-6075 CVE-2013-6076 CVE-2013-6436 CVE-2013-6456 CVE-2013-6457 CVE-2013-6458 CVE-2014-0028 CVE-2014-0179 CVE-2014-1447 CVE-2014-2338 CVE-2014-3633 CVE-2014-3657 CVE-2014-7823 CVE-2014-8131 CVE-2014-9221 CVE-2015-0236 CVE-2015-4171 CVE-2015-5247 CVE-2015-5313 CVE-2015-8023 CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2016-7837 CVE-2016-9800 CVE-2016-9804 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-1000250 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-2635 CVE-2017-9022 CVE-2017-9023 CVE-2017-9228 CVE-2017-9229 CVE-2018-1000024 CVE-2018-1000027 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-1046 CVE-2018-16395 CVE-2018-16396 CVE-2018-16839 CVE-2018-20856 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-10220 CVE-2019-12749 CVE-2019-13272 CVE-2019-15239 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-17133 CVE-2019-3693 CVE-2019-5436 CVE-2019-7164 CVE-2019-7548 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10663 CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 SUSE-SU-2018:0636-1 SUSE-SU-2018:1660-1 SUSE-SU-2018:1778-1 SUSE-SU-2019:0996-1 SUSE-SU-2019:1363-1 SUSE-SU-2019:2261-1 SUSE-SU-2019:2820-2 SUSE-SU-2019:3076-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:1595-1 SUSE-SU-2021:0681-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information apache2-mod_php7-7.2.5-lp150.2.29 is installed OR php7-7.2.5-lp150.2.29 is installed OR php7-bcmath-7.2.5-lp150.2.29 is installed OR php7-bz2-7.2.5-lp150.2.29 is installed OR php7-calendar-7.2.5-lp150.2.29 is installed OR php7-ctype-7.2.5-lp150.2.29 is installed OR php7-curl-7.2.5-lp150.2.29 is installed OR php7-dba-7.2.5-lp150.2.29 is installed OR php7-devel-7.2.5-lp150.2.29 is installed OR php7-dom-7.2.5-lp150.2.29 is installed OR php7-embed-7.2.5-lp150.2.29 is installed OR php7-enchant-7.2.5-lp150.2.29 is installed OR php7-exif-7.2.5-lp150.2.29 is installed OR php7-fastcgi-7.2.5-lp150.2.29 is installed OR php7-fileinfo-7.2.5-lp150.2.29 is installed OR php7-firebird-7.2.5-lp150.2.29 is installed OR php7-fpm-7.2.5-lp150.2.29 is installed OR php7-ftp-7.2.5-lp150.2.29 is installed OR php7-gd-7.2.5-lp150.2.29 is installed OR php7-gettext-7.2.5-lp150.2.29 is installed OR php7-gmp-7.2.5-lp150.2.29 is installed OR php7-iconv-7.2.5-lp150.2.29 is installed OR php7-intl-7.2.5-lp150.2.29 is installed OR php7-json-7.2.5-lp150.2.29 is installed OR php7-ldap-7.2.5-lp150.2.29 is installed OR php7-mbstring-7.2.5-lp150.2.29 is installed OR php7-mysql-7.2.5-lp150.2.29 is installed OR php7-odbc-7.2.5-lp150.2.29 is installed OR php7-opcache-7.2.5-lp150.2.29 is installed OR php7-openssl-7.2.5-lp150.2.29 is installed OR php7-pcntl-7.2.5-lp150.2.29 is installed OR php7-pdo-7.2.5-lp150.2.29 is installed OR php7-pear-7.2.5-lp150.2.29 is installed OR php7-pear-Archive_Tar-7.2.5-lp150.2.29 is installed OR php7-pgsql-7.2.5-lp150.2.29 is installed OR php7-phar-7.2.5-lp150.2.29 is installed OR php7-posix-7.2.5-lp150.2.29 is installed OR php7-readline-7.2.5-lp150.2.29 is installed OR php7-shmop-7.2.5-lp150.2.29 is installed OR php7-snmp-7.2.5-lp150.2.29 is installed OR php7-soap-7.2.5-lp150.2.29 is installed OR php7-sockets-7.2.5-lp150.2.29 is installed OR php7-sodium-7.2.5-lp150.2.29 is installed OR php7-sqlite-7.2.5-lp150.2.29 is installed OR php7-sysvmsg-7.2.5-lp150.2.29 is installed OR php7-sysvsem-7.2.5-lp150.2.29 is installed OR php7-sysvshm-7.2.5-lp150.2.29 is installed OR php7-test-7.2.5-lp150.2.29 is installed OR php7-tidy-7.2.5-lp150.2.29 is installed OR php7-tokenizer-7.2.5-lp150.2.29 is installed OR php7-wddx-7.2.5-lp150.2.29 is installed OR php7-xmlreader-7.2.5-lp150.2.29 is installed OR php7-xmlrpc-7.2.5-lp150.2.29 is installed OR php7-xmlwriter-7.2.5-lp150.2.29 is installed OR php7-xsl-7.2.5-lp150.2.29 is installed OR php7-zip-7.2.5-lp150.2.29 is installed OR php7-zlib-7.2.5-lp150.2.29 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-74.0.3729.157-lp151.2.3 is installed OR chromium-74.0.3729.157-lp151.2.3 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information ruby2.5-rubygem-puma-4.3.5-lp152.4.3 is installed OR ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3 is installed OR rubygem-puma-4.3.5-lp152.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libvirt-3.3.0-4 is installed OR libvirt-admin-3.3.0-4 is installed OR libvirt-client-3.3.0-4 is installed OR libvirt-daemon-3.3.0-4 is installed OR libvirt-daemon-config-network-3.3.0-4 is installed OR libvirt-daemon-config-nwfilter-3.3.0-4 is installed OR libvirt-daemon-driver-interface-3.3.0-4 is installed OR libvirt-daemon-driver-libxl-3.3.0-4 is installed OR libvirt-daemon-driver-lxc-3.3.0-4 is installed OR libvirt-daemon-driver-network-3.3.0-4 is installed OR libvirt-daemon-driver-nodedev-3.3.0-4 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-4 is installed OR libvirt-daemon-driver-qemu-3.3.0-4 is installed OR libvirt-daemon-driver-secret-3.3.0-4 is installed OR libvirt-daemon-driver-storage-3.3.0-4 is installed OR libvirt-daemon-driver-storage-core-3.3.0-4 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-4 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-4 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-4 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-4 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-4 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-4 is installed OR libvirt-daemon-lxc-3.3.0-4 is installed OR libvirt-daemon-qemu-3.3.0-4 is installed OR libvirt-daemon-xen-3.3.0-4 is installed OR libvirt-doc-3.3.0-4 is installed OR libvirt-libs-3.3.0-4 is installed OR libvirt-lock-sanlock-3.3.0-4 is installed OR libvirt-nss-3.3.0-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libruby2_1-2_1-2.1.9-19.3 is installed OR ruby2.1-2.1.9-19.3 is installed OR ruby2.1-stdlib-2.1.9-19.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND grub2-2.02-12.47.1 is installed OR grub2-arm64-efi-2.02-12.47.1 is installed OR grub2-i386-pc-2.02-12.47.1 is installed OR grub2-powerpc-ieee1275-2.02-12.47.1 is installed OR grub2-s390x-emu-2.02-12.47.1 is installed OR grub2-snapper-plugin-2.02-12.47.1 is installed OR grub2-systemd-sleep-plugin-2.02-12.47.1 is installed OR grub2-x86_64-efi-2.02-12.47.1 is installed OR grub2-x86_64-xen-2.02-12.47.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND grub2-2.02-12.47.1 is installed OR grub2-arm64-efi-2.02-12.47.1 is installed OR grub2-i386-pc-2.02-12.47.1 is installed OR grub2-powerpc-ieee1275-2.02-12.47.1 is installed OR grub2-s390x-emu-2.02-12.47.1 is installed OR grub2-snapper-plugin-2.02-12.47.1 is installed OR grub2-systemd-sleep-plugin-2.02-12.47.1 is installed OR grub2-x86_64-efi-2.02-12.47.1 is installed OR grub2-x86_64-xen-2.02-12.47.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information pdns-4.1.2-3.3 is installed OR pdns-backend-mysql-4.1.2-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-SQLAlchemy-1.2.10-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND mailman-2.1.17-3.11 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed OR libwebkit2gtk3-lang-2.28.3-2.56 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed OR webkit2gtk3-2.28.3-2.56 is installed

BACK