OVAL Reference oval:org.opensuse.security:def:6068

Oval Definition:

oval:org.opensuse.security:def:6068

Revision Date:	2022-06-10	Version:	1
Title:	Security update for grub2 (Important)
Description:	This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581) - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184) - CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185) - CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186) - CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460) - CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493) - CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496) - Update SBAT security contact (bsc#1193282) - Bump grub's SBAT generation to 2 - Use boot disks in OpenFirmware, fixing regression caused when the root LV is completely in the boot LUN (bsc#1197948)
Family:	unix	Class:	patch
Status:		Reference(s):	1186151 1191184 1191185 1191186 1193282 1197948 1198460 1198493 1198496 1198581 CVE-2004-2771 CVE-2004-2779 CVE-2006-2607 CVE-2008-2109 CVE-2009-2624 CVE-2009-2905 CVE-2010-0001 CVE-2010-0424 CVE-2010-1205 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3328 CVE-2012-0037 CVE-2012-0786 CVE-2012-4425 CVE-2013-2003 CVE-2013-6954 CVE-2014-0011 CVE-2014-0333 CVE-2014-6272 CVE-2014-7844 CVE-2014-8119 CVE-2014-8240 CVE-2014-9495 CVE-2015-0247 CVE-2015-0255 CVE-2015-0973 CVE-2015-1191 CVE-2015-1572 CVE-2015-7555 CVE-2015-8126 CVE-2016-10087 CVE-2016-3977 CVE-2017-11550 CVE-2017-11551 CVE-2017-7555 CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-28733 CVE-2022-28734 CVE-2022-28736 SUSE-SU-2022:2038-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Real Time Extension 12 SP2 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND python-Jinja2-2.7.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information krb5-mini-1.12.1-36 is installed OR krb5-mini-devel-1.12.1-36 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.21-84 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND python-pycrypto-2.6.1-10.3 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND Package Information ghostscript-mini-9.26a-23.19 is installed OR ghostscript-mini-devel-9.26a-23.19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information bytefx-data-mysql-2.6.7-0.9.1 is installed OR ibm-data-db2-2.6.7-0.9.1 is installed OR mono-core-2.6.7-0.9.1 is installed OR mono-data-2.6.7-0.9.1 is installed OR mono-data-firebird-2.6.7-0.9.1 is installed OR mono-data-oracle-2.6.7-0.9.1 is installed OR mono-data-postgresql-2.6.7-0.9.1 is installed OR mono-data-sqlite-2.6.7-0.9.1 is installed OR mono-data-sybase-2.6.7-0.9.1 is installed OR mono-devel-2.6.7-0.9.1 is installed OR mono-extras-2.6.7-0.9.1 is installed OR mono-jscript-2.6.7-0.9.1 is installed OR mono-locale-extras-2.6.7-0.9.1 is installed OR mono-nunit-2.6.7-0.9.1 is installed OR mono-wcf-2.6.7-0.9.1 is installed OR mono-web-2.6.7-0.9.1 is installed OR mono-winforms-2.6.7-0.9.1 is installed OR monodoc-core-2.6.7-0.9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libssh-0.6.3-4 is installed OR libssh4-0.6.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXcursor1-1.1.14-3 is installed OR libXcursor1-32bit-1.1.14-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND libnewt0_52-0.52.16-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information augeas-1.2.0-17.3 is installed OR augeas-lenses-1.2.0-17.3 is installed OR libaugeas0-1.2.0-17.3 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_55-52_42-default-2-2 is installed OR kgraft-patch-3_12_55-52_42-xen-2-2 is installed OR kgraft-patch-SLE12_Update_12-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-94.1 is installed OR libopenssl0_9_8-0.9.8j-94.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND ctdb-4.4.2-29 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.82-6.6 is installed OR dlm-kmp-default-4.4.82-6.6 is installed OR gfs2-kmp-default-4.4.82-6.6 is installed OR kernel-default-4.4.82-6.6 is installed OR ocfs2-kmp-default-4.4.82-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND libpcreposix0-8.39-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND python-requests-2.18.2-8.4 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.13 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.13 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_36-38-default-3-2 is installed OR kgraft-patch-3_12_36-38-xen-3-2 is installed OR kgraft-patch-SLE12_Update_2-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_73-5-default-2-2.3 is installed OR kgraft-patch-SLE12-SP3_Update_0-2-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND apache2-mod_wsgi-4.4.13-2 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.61-60.18 is installed OR kernel-compute-base-3.12.61-60.18 is installed OR kernel-compute-devel-3.12.61-60.18 is installed OR kernel-compute_debug-3.12.61-60.18 is installed OR kernel-compute_debug-devel-3.12.61-60.18 is installed OR kernel-devel-rt-3.12.61-60.18 is installed OR kernel-rt-3.12.61-60.18 is installed OR kernel-rt-base-3.12.61-60.18 is installed OR kernel-rt-devel-3.12.61-60.18 is installed OR kernel-rt_debug-3.12.61-60.18 is installed OR kernel-rt_debug-devel-3.12.61-60.18 is installed OR kernel-source-rt-3.12.61-60.18 is installed OR kernel-syms-rt-3.12.61-60.18 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP2 is installed AND Package Information cluster-md-kmp-rt-4.4.88-18 is installed OR cluster-network-kmp-rt-4.4.88-18 is installed OR dlm-kmp-rt-4.4.88-18 is installed OR gfs2-kmp-rt-4.4.88-18 is installed OR kernel-devel-rt-4.4.88-18 is installed OR kernel-rt-4.4.88-18 is installed OR kernel-rt-base-4.4.88-18 is installed OR kernel-rt-devel-4.4.88-18 is installed OR kernel-rt_debug-4.4.88-18 is installed OR kernel-rt_debug-devel-4.4.88-18 is installed OR kernel-source-rt-4.4.88-18 is installed OR kernel-syms-rt-4.4.88-18 is installed OR ocfs2-kmp-rt-4.4.88-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1 is installed AND amavisd-new-2.6.2-1.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2-LTSS is installed AND Package Information ldapsmb-1.34b-48.2 is installed OR libldb1-3.6.3-48.2 is installed OR libsmbclient0-3.6.3-48.2 is installed OR libsmbclient0-32bit-3.6.3-48.2 is installed OR libtalloc2-3.6.3-48.2 is installed OR libtalloc2-32bit-3.6.3-48.2 is installed OR libtdb1-3.6.3-48.2 is installed OR libtdb1-32bit-3.6.3-48.2 is installed OR libtevent0-3.6.3-48.2 is installed OR libtevent0-32bit-3.6.3-48.2 is installed OR libwbclient0-3.6.3-48.2 is installed OR libwbclient0-32bit-3.6.3-48.2 is installed OR samba-3.6.3-48.2 is installed OR samba-32bit-3.6.3-48.2 is installed OR samba-client-3.6.3-48.2 is installed OR samba-client-32bit-3.6.3-48.2 is installed OR samba-doc-3.6.3-48.2 is installed OR samba-krb-printing-3.6.3-48.2 is installed OR samba-winbind-3.6.3-48.2 is installed OR samba-winbind-32bit-3.6.3-48.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND libjasper-1.900.1-134.17.1 is installed OR libjasper-32bit-1.900.1-134.17.1 is installed OR libjasper-x86-1.900.1-134.17.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND libjasper-1.900.1-134.17.1 is installed OR libjasper-32bit-1.900.1-134.17.1 is installed OR libjasper-x86-1.900.1-134.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND apache2-mod_perl-2.0.4-40.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information avahi-0.6.23-11.32.1 is installed OR avahi-lang-0.6.23-11.32.1 is installed OR avahi-utils-0.6.23-11.32.1 is installed OR libavahi-client3-0.6.23-11.32.1 is installed OR libavahi-client3-32bit-0.6.23-11.32.1 is installed OR libavahi-client3-x86-0.6.23-11.32.1 is installed OR libavahi-common3-0.6.23-11.32.1 is installed OR libavahi-common3-32bit-0.6.23-11.32.1 is installed OR libavahi-common3-x86-0.6.23-11.32.1 is installed OR libavahi-core5-0.6.23-11.32.1 is installed OR libdns_sd-0.6.23-11.32.1 is installed OR libdns_sd-32bit-0.6.23-11.32.1 is installed OR libdns_sd-x86-0.6.23-11.32.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information colord-gtk-lang-0.1.25-3 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-2 is installed OR libcolord2-32bit-1.1.7-2 is installed OR libcolorhug2-1.1.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND grub2-2.02-143.2 is installed OR grub2-arm64-efi-2.02-143.2 is installed OR grub2-i386-pc-2.02-143.2 is installed OR grub2-powerpc-ieee1275-2.02-143.2 is installed OR grub2-s390x-emu-2.02-143.2 is installed OR grub2-snapper-plugin-2.02-143.2 is installed OR grub2-systemd-sleep-plugin-2.02-143.2 is installed OR grub2-x86_64-efi-2.02-143.2 is installed OR grub2-x86_64-xen-2.02-143.2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND grub2-2.02-143.2 is installed OR grub2-arm64-efi-2.02-143.2 is installed OR grub2-i386-pc-2.02-143.2 is installed OR grub2-powerpc-ieee1275-2.02-143.2 is installed OR grub2-s390x-emu-2.02-143.2 is installed OR grub2-snapper-plugin-2.02-143.2 is installed OR grub2-systemd-sleep-plugin-2.02-143.2 is installed OR grub2-x86_64-efi-2.02-143.2 is installed OR grub2-x86_64-xen-2.02-143.2 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information kernel-default-4.4.21-69 is installed OR kernel-default-base-4.4.21-69 is installed OR kernel-default-devel-4.4.21-69 is installed OR kernel-devel-4.4.21-69 is installed OR kernel-macros-4.4.21-69 is installed OR kernel-source-4.4.21-69 is installed OR kernel-syms-4.4.21-69 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information kgraft-patch-4_4_121-92_80-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information GraphicsMagick-1.2.5-4.33.1 is installed OR libGraphicsMagick2-1.2.5-4.33.1 is installed OR perl-GraphicsMagick-1.2.5-4.33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information GraphicsMagick-1.2.5-4.33.1 is installed OR libGraphicsMagick2-1.2.5-4.33.1 is installed OR perl-GraphicsMagick-1.2.5-4.33.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information bash-devel-4.2-75 is installed OR readline-devel-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND cyrus-sasl-devel-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information cups-ddk-1.7.5-12 is installed OR cups-devel-1.7.5-12 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information NetworkManager-1.0.12-12 is installed OR NetworkManager-devel-1.0.12-12 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gstreamer-0_10-plugins-good-0.10.31-13.3.3 is installed OR gstreamer-0_10-plugins-good-lang-0.10.31-13.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information kernel-default-4.4.21-84.1 is installed OR kernel-default-extra-4.4.21-84.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information libjavascriptcoregtk-1_0-0-2.4.11-23 is installed OR libjavascriptcoregtk-1_0-0-32bit-2.4.11-23 is installed OR libwebkitgtk-1_0-0-2.4.11-23 is installed OR libwebkitgtk-1_0-0-32bit-2.4.11-23 is installed OR libwebkitgtk2-lang-2.4.11-23 is installed OR typelib-1_0-JavaScriptCore-3_0-2.4.11-23 is installed OR typelib-1_0-WebKit-3_0-2.4.11-23 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed

BACK