Oval Definition:	oval:org.opensuse.security:def:60620
Revision Date: 2020-12-01 Version: 1 Title: Security update for libvirt (Important) Description: This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). - CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303). Non-security issues fixed: - Fixed an issue with short bitmaps when setting vcpu affinity using the vcpupin (bsc#1138734). - Added support for overriding max threads per process limit (bsc#1133719) Family: unix Class: patch Status: Reference(s): 1010399 1010405 1010406 1010408 1010409 1010421 1010423 1010424 1010425 1010426 1025108 1030472 1030476 1033084 1033085 1033087 1033088 1033089 1033090 1043008 1047281 1050257 1051188 1060995 1060996 1061000 1072928 1074235 1092611 1092952 1093095 1095070 1106390 1107067 1109412 1109413 1109414 1111973 1111996 1112534 1112535 1112723 1112726 1113247 1113252 1113255 1116827 1118830 1118831 1120374 1120640 1121034 1121035 1121056 1122293 1122299 1123156 1123685 1125007 1133131 1133232 1133719 1136085 1137990 1138301 1138303 1138734 1139959 1140122 1141913 1142772 1146873 1149429 1149811 1154162 1154738 1159646 1159723 1159729 1160024 1160305 1160498 1161066 1163018 1163985 1164825 1166240 1170940 1171928 1173902 1173948 1173994 1174538 1176410 1177143 1177613 959933 983922 CVE-2016-10254 CVE-2016-10255 CVE-2016-2830 CVE-2016-5289 CVE-2016-5292 CVE-2016-9063 CVE-2016-9067 CVE-2016-9068 CVE-2016-9069 CVE-2016-9071 CVE-2016-9073 CVE-2016-9075 CVE-2016-9076 CVE-2016-9077 CVE-2017-11591 CVE-2017-11683 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2017-7607 CVE-2017-7608 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2017-7789 CVE-2018-1000876 CVE-2018-10958 CVE-2018-10998 CVE-2018-11212 CVE-2018-11531 CVE-2018-16062 CVE-2018-16403 CVE-2018-17358 CVE-2018-17359 CVE-2018-17360 CVE-2018-17985 CVE-2018-18309 CVE-2018-18310 CVE-2018-18483 CVE-2018-18484 CVE-2018-18520 CVE-2018-18521 CVE-2018-18605 CVE-2018-18606 CVE-2018-18607 CVE-2018-19931 CVE-2018-19932 CVE-2018-20623 CVE-2018-20651 CVE-2018-20671 CVE-2018-5150 CVE-2018-5151 CVE-2018-5152 CVE-2018-5153 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5160 CVE-2018-5163 CVE-2018-5164 CVE-2018-5165 CVE-2018-5166 CVE-2018-5167 CVE-2018-5168 CVE-2018-5169 CVE-2018-5172 CVE-2018-5173 CVE-2018-5174 CVE-2018-5175 CVE-2018-5176 CVE-2018-5177 CVE-2018-5178 CVE-2018-5179 CVE-2018-5180 CVE-2018-5181 CVE-2018-5182 CVE-2018-5183 CVE-2019-0221 CVE-2019-1010180 CVE-2019-10161 CVE-2019-10167 CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-12068 CVE-2019-12418 CVE-2019-13012 CVE-2019-15890 CVE-2019-15903 CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 CVE-2019-17563 CVE-2019-17569 CVE-2019-17571 CVE-2019-2422 CVE-2019-2974 CVE-2019-6778 CVE-2019-7150 CVE-2019-7665 CVE-2020-14318 CVE-2020-14323 CVE-2020-14383 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-1711 CVE-2020-1720 CVE-2020-1983 CVE-2020-25219 CVE-2020-26154 CVE-2020-6463 CVE-2020-6514 CVE-2020-7039 CVE-2020-8608 CVE-2020-9484 SUSE-SU-2018:3882-1 SUSE-SU-2019:0604-1 SUSE-SU-2019:1733-1 SUSE-SU-2019:1830-2 SUSE-SU-2019:2227-1 SUSE-SU-2019:2872-1 SUSE-SU-2020:0050-1 SUSE-SU-2020:0054-1 SUSE-SU-2020:1498-1 SUSE-SU-2020:1538-1 SUSE-SU-2020:2100-1 SUSE-SU-2020:2900-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libipa_hbac-devel-1.16.1-lp150.2.3 is installed OR libipa_hbac0-1.16.1-lp150.2.3 is installed OR libnfsidmap-sss-1.16.1-lp150.2.3 is installed OR libsss_certmap-devel-1.16.1-lp150.2.3 is installed OR libsss_certmap0-1.16.1-lp150.2.3 is installed OR libsss_idmap-devel-1.16.1-lp150.2.3 is installed OR libsss_idmap0-1.16.1-lp150.2.3 is installed OR libsss_nss_idmap-devel-1.16.1-lp150.2.3 is installed OR libsss_nss_idmap0-1.16.1-lp150.2.3 is installed OR libsss_simpleifp-devel-1.16.1-lp150.2.3 is installed OR libsss_simpleifp0-1.16.1-lp150.2.3 is installed OR python3-ipa_hbac-1.16.1-lp150.2.3 is installed OR python3-sss-murmur-1.16.1-lp150.2.3 is installed OR python3-sss_nss_idmap-1.16.1-lp150.2.3 is installed OR python3-sssd-config-1.16.1-lp150.2.3 is installed OR sssd-1.16.1-lp150.2.3 is installed OR sssd-32bit-1.16.1-lp150.2.3 is installed OR sssd-ad-1.16.1-lp150.2.3 is installed OR sssd-dbus-1.16.1-lp150.2.3 is installed OR sssd-ipa-1.16.1-lp150.2.3 is installed OR sssd-krb5-1.16.1-lp150.2.3 is installed OR sssd-krb5-common-1.16.1-lp150.2.3 is installed OR sssd-ldap-1.16.1-lp150.2.3 is installed OR sssd-proxy-1.16.1-lp150.2.3 is installed OR sssd-tools-1.16.1-lp150.2.3 is installed OR sssd-wbclient-1.16.1-lp150.2.3 is installed OR sssd-wbclient-devel-1.16.1-lp150.2.3 is installed OR sssd-winbind-idmap-1.16.1-lp150.2.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND clementine-1.3.1-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information ruby2.5-rubygem-puma-4.3.5-lp152.4.3 is installed OR ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3 is installed OR rubygem-puma-4.3.5-lp152.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information exiv2-0.23-12.5 is installed OR libexiv2-12-0.23-12.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND log4j-1.2.15-126.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsystemd0-228-150.58 is installed OR libsystemd0-32bit-228-150.58 is installed OR libudev1-228-150.58 is installed OR libudev1-32bit-228-150.58 is installed OR systemd-228-150.58 is installed OR systemd-32bit-228-150.58 is installed OR systemd-bash-completion-228-150.58 is installed OR systemd-sysvinit-228-150.58 is installed OR udev-228-150.58 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information at-3.1.14-8.6 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.7+2.3.4-4.7 is installed OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information apache2-2.4.23-29.63 is installed OR apache2-doc-2.4.23-29.63 is installed OR apache2-example-pages-2.4.23-29.63 is installed OR apache2-prefork-2.4.23-29.63 is installed OR apache2-utils-2.4.23-29.63 is installed OR apache2-worker-2.4.23-29.63 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.25-3.19 is installed OR mariadb-galera-10.2.25-3.19 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-requests-2.20.1-4.3 is installed
BACK