OVAL Reference oval:org.opensuse.security:def:60652

Oval Definition:

oval:org.opensuse.security:def:60652

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libseccomp (Moderate)
Description:	This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 (bsc#1128828 CVE-2019-9893): Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS action * Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute * Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension * Added support for the parisc and parisc64 architectures * Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) * Return -EDOM on an endian mismatch when adding an architecture to a filter * Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() * Fix PFC generation when a syscall is prioritized, but no rule exists * Numerous fixes to the seccomp-bpf filter generation code * Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 * Numerous tests added to the included test suite, coverage now at ~92% * Update our Travis CI configuration to use Ubuntu 16.04 * Numerous documentation fixes and updates Update to release 2.3.3: Updated the syscall table for Linux v4.15-rc7 Update to release 2.3.2: Achieved full compliance with the CII Best Practices program * Added Travis CI builds to the GitHub repository * Added code coverage reporting with the '--enable-code-coverage' configure flag and added Coveralls to the GitHub repository * Updated the syscall tables to match Linux v4.10-rc6+ * Support for building with Python v3.x * Allow rules with the -1 syscall if the SCMP\_FLTATR\_API\_TSKIP attribute is set to true * Several small documentation fixes - ignore make check error for ppc64/ppc64le, bypass bsc#1142614
Family:	unix	Class:	patch
Status:		Reference(s):	1043886 1048715 1071767 1071777 1082318 1083507 1100167 1111331 1112758 1113160 1128828 1131886 1133719 1134195 1138301 1138303 1138734 1138743 1138822 1141661 1142038 1142614 1143913 1148177 1150011 1153090 1153108 1153277 1154849 1154940 1154968 1155372 1156317 1156321 1156331 1157471 1157770 1159913 1163871 1165631 1165921 1167231 1168310 1170231 1170557 1171687 1172462 1172515 1173576 1173613 1176315 963041 CVE-2017-17456 CVE-2017-17457 CVE-2017-18207 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-13139 CVE-2018-16839 CVE-2018-20856 CVE-2019-10161 CVE-2019-10167 CVE-2019-10215 CVE-2019-10220 CVE-2019-11091 CVE-2019-13272 CVE-2019-14822 CVE-2019-14834 CVE-2019-15043 CVE-2019-15239 CVE-2019-19191 CVE-2019-5108 CVE-2019-9893 CVE-2020-12245 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-13379 CVE-2020-1749 CVE-2020-17507 SUSE-SU-2017:2035-1 SUSE-SU-2018:0510-1 SUSE-SU-2019:0996-1 SUSE-SU-2019:1954-1 SUSE-SU-2019:2227-2 SUSE-SU-2019:2389-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:0115-1 SUSE-SU-2020:0419-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:1970-1 SUSE-SU-2020:2751-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information ImageMagick-7.0.7.34-lp150.2.9 is installed OR ImageMagick-devel-7.0.7.34-lp150.2.9 is installed OR ImageMagick-devel-32bit-7.0.7.34-lp150.2.9 is installed OR ImageMagick-doc-7.0.7.34-lp150.2.9 is installed OR ImageMagick-extra-7.0.7.34-lp150.2.9 is installed OR libMagick++-7_Q16HDRI4-7.0.7.34-lp150.2.9 is installed OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp150.2.9 is installed OR libMagick++-devel-7.0.7.34-lp150.2.9 is installed OR libMagick++-devel-32bit-7.0.7.34-lp150.2.9 is installed OR libMagickCore-7_Q16HDRI6-7.0.7.34-lp150.2.9 is installed OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.9 is installed OR libMagickWand-7_Q16HDRI6-7.0.7.34-lp150.2.9 is installed OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp150.2.9 is installed OR perl-PerlMagick-7.0.7.34-lp150.2.9 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gvim-8.0.1568-lp151.5.3 is installed OR vim-8.0.1568-lp151.5.3 is installed OR vim-data-8.0.1568-lp151.5.3 is installed OR vim-data-common-8.0.1568-lp151.5.3 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information libX11-1.6.5-lp152.5.3 is installed OR libX11-6-1.6.5-lp152.5.3 is installed OR libX11-6-32bit-1.6.5-lp152.5.3 is installed OR libX11-data-1.6.5-lp152.5.3 is installed OR libX11-devel-1.6.5-lp152.5.3 is installed OR libX11-devel-32bit-1.6.5-lp152.5.3 is installed OR libX11-xcb1-1.6.5-lp152.5.3 is installed OR libX11-xcb1-32bit-1.6.5-lp152.5.3 is installed OR libxcb-1.13-lp152.5.3 is installed OR libxcb-composite0-1.13-lp152.5.3 is installed OR libxcb-composite0-32bit-1.13-lp152.5.3 is installed OR libxcb-damage0-1.13-lp152.5.3 is installed OR libxcb-damage0-32bit-1.13-lp152.5.3 is installed OR libxcb-devel-1.13-lp152.5.3 is installed OR libxcb-devel-32bit-1.13-lp152.5.3 is installed OR libxcb-devel-doc-1.13-lp152.5.3 is installed OR libxcb-dpms0-1.13-lp152.5.3 is installed OR libxcb-dpms0-32bit-1.13-lp152.5.3 is installed OR libxcb-dri2-0-1.13-lp152.5.3 is installed OR libxcb-dri2-0-32bit-1.13-lp152.5.3 is installed OR libxcb-dri3-0-1.13-lp152.5.3 is installed OR libxcb-dri3-0-32bit-1.13-lp152.5.3 is installed OR libxcb-glx0-1.13-lp152.5.3 is installed OR libxcb-glx0-32bit-1.13-lp152.5.3 is installed OR libxcb-present0-1.13-lp152.5.3 is installed OR libxcb-present0-32bit-1.13-lp152.5.3 is installed OR libxcb-randr0-1.13-lp152.5.3 is installed OR libxcb-randr0-32bit-1.13-lp152.5.3 is installed OR libxcb-record0-1.13-lp152.5.3 is installed OR libxcb-record0-32bit-1.13-lp152.5.3 is installed OR libxcb-render0-1.13-lp152.5.3 is installed OR libxcb-render0-32bit-1.13-lp152.5.3 is installed OR libxcb-res0-1.13-lp152.5.3 is installed OR libxcb-res0-32bit-1.13-lp152.5.3 is installed OR libxcb-screensaver0-1.13-lp152.5.3 is installed OR libxcb-screensaver0-32bit-1.13-lp152.5.3 is installed OR libxcb-shape0-1.13-lp152.5.3 is installed OR libxcb-shape0-32bit-1.13-lp152.5.3 is installed OR libxcb-shm0-1.13-lp152.5.3 is installed OR libxcb-shm0-32bit-1.13-lp152.5.3 is installed OR libxcb-sync1-1.13-lp152.5.3 is installed OR libxcb-sync1-32bit-1.13-lp152.5.3 is installed OR libxcb-xf86dri0-1.13-lp152.5.3 is installed OR libxcb-xf86dri0-32bit-1.13-lp152.5.3 is installed OR libxcb-xfixes0-1.13-lp152.5.3 is installed OR libxcb-xfixes0-32bit-1.13-lp152.5.3 is installed OR libxcb-xinerama0-1.13-lp152.5.3 is installed OR libxcb-xinerama0-32bit-1.13-lp152.5.3 is installed OR libxcb-xinput0-1.13-lp152.5.3 is installed OR libxcb-xinput0-32bit-1.13-lp152.5.3 is installed OR libxcb-xkb1-1.13-lp152.5.3 is installed OR libxcb-xkb1-32bit-1.13-lp152.5.3 is installed OR libxcb-xtest0-1.13-lp152.5.3 is installed OR libxcb-xtest0-32bit-1.13-lp152.5.3 is installed OR libxcb-xv0-1.13-lp152.5.3 is installed OR libxcb-xv0-32bit-1.13-lp152.5.3 is installed OR libxcb-xvmc0-1.13-lp152.5.3 is installed OR libxcb-xvmc0-32bit-1.13-lp152.5.3 is installed OR libxcb1-1.13-lp152.5.3 is installed OR libxcb1-32bit-1.13-lp152.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libmysqlclient18-10.0.31-29.3 is installed OR libmysqlclient18-32bit-10.0.31-29.3 is installed OR mariadb-10.0.31-29.3 is installed OR mariadb-client-10.0.31-29.3 is installed OR mariadb-errormessages-10.0.31-29.3 is installed OR mariadb-tools-10.0.31-29.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython2_7-1_0-2.7.13-28.8 is installed OR libpython2_7-1_0-32bit-2.7.13-28.8 is installed OR python-2.7.13-28.8 is installed OR python-32bit-2.7.13-28.8 is installed OR python-base-2.7.13-28.8 is installed OR python-base-32bit-2.7.13-28.8 is installed OR python-curses-2.7.13-28.8 is installed OR python-demo-2.7.13-28.8 is installed OR python-doc-2.7.13-28.8 is installed OR python-doc-pdf-2.7.13-28.8 is installed OR python-gdbm-2.7.13-28.8 is installed OR python-idle-2.7.13-28.8 is installed OR python-tk-2.7.13-28.8 is installed OR python-xml-2.7.13-28.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-requests-2.20.1-4.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed

BACK