OVAL Reference oval:org.opensuse.security:def:60802 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:60802

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ucode-intel (Moderate)
Description:	This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. (bsc#1178971) - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389 (bsc#1170446) - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594) - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592) - Release notes: - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html). - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html). - Update for functional issues. Refer to [Second Generation Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel? Xeon? Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel? Xeon? Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel? Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel? Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel? Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel? Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel? Xeon? E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel? Xeon? E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. ### New Platforms \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CPX-SP \| A1 \| 06-55-0b/bf \| \| 0700001e \| Xeon Scalable Gen3 \| LKF \| B2/B3 \| 06-8a-01/10 \| \| 00000028 \| Core w/Hybrid Technology \| TGL \| B1 \| 06-8c-01/80 \| \| 00000068 \| Core Gen11 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| \| 000000e0 \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| \| 000000e0 \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| \| 000000e0 \| Core Gen10 \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| \| 000000e0 \| Core Gen10 Mobile ### Updated Platforms \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000043 \| 00000044 \| Core Gen4 X series; Xeon E5 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000d6 \| 000000e2 \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000d6 \| 000000e2 \| Core Gen6 Mobile \| SKX-SP \| B1 \| 06-55-03/97 \| 01000157 \| 01000159 \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006906 \| 02006a08 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006906 \| 02006a08 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04002f01 \| 04003003 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05002f01 \| 05003003 \| Xeon Scalable Gen2 \| APL \| D0 \| 06-5c-09/03 \| 00000038 \| 00000040 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 00000016 \| 0000001e \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000d6 \| 000000e2 \| Core Gen6; Xeon E3 v5 \| GKL-R \| R0 \| 06-7a-08/01 \| 00000016 \| 00000018 \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 00000078 \| 000000a0 \| Core Gen10 Mobile \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000d6 \| 000000de \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000d6 \| 000000de \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000d6 \| 000000e0 \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000d6 \| 000000de \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000d6 \| 000000de \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000d6 \| 000000de \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000d6 \| 000000de \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000d6 \| 000000de \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000d6 \| 000000de \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000d6 \| 000000de \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000d6 \| 000000de \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000d6 \| 000000de \| Core Gen9 Mobile \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000ca \| 000000e0 \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1011144 1027282 1031692 1041090 1042670 1046636 1047674 1048296 1048902 1049381 1050082 1050268 1061066 1073269 1073748 1078326 1078485 1081750 1084650 1086001 1087018 1096405 1096406 1096407 1096408 1123156 1123886 1131361 1133375 1133719 1134598 1135824 1138301 1138303 1138734 1146358 1146359 1146873 1149792 1149811 1153830 1155094 1159035 1160024 1160594 1160764 1161066 1161779 1162224 1162367 1162610 1162825 1163018 1163922 1163985 1165894 1166240 1170411 1170446 1170940 1171561 1172186 1173592 1173594 1177158 1178971 945401 CVE-2012-5784 CVE-2014-3596 CVE-2017-10664 CVE-2017-10806 CVE-2017-11334 CVE-2017-11434 CVE-2017-18248 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2019-0161 CVE-2019-10161 CVE-2019-10167 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-12068 CVE-2019-15890 CVE-2019-18348 CVE-2019-6778 CVE-2019-7317 CVE-2019-8675 CVE-2019-8696 CVE-2019-9674 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 CVE-2019-9928 CVE-2020-14355 CVE-2020-1711 CVE-2020-1720 CVE-2020-1983 CVE-2020-7039 CVE-2020-8013 CVE-2020-8165 CVE-2020-8492 CVE-2020-8597 CVE-2020-8608 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 SUSE-SU-2017:2416-1 SUSE-SU-2018:2162-1 SUSE-SU-2019:1600-1 SUSE-SU-2019:2227-1 SUSE-SU-2019:3057-1 SUSE-SU-2020:0490-1 SUSE-SU-2020:0715-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:1538-1 SUSE-SU-2020:2929-1 SUSE-SU-2020:3085-1 SUSE-SU-2020:3514-1
Platform(s):	openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gnome-shell-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-browser-plugin-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-devel-3.26.2+20180130.0d9c74212-lp151.7.3 is installed OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp151.7.3 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.4-lp152.2.4 is installed OR libjavascriptcoregtk-4_0-18-32bit-2.28.4-lp152.2.4 is installed OR libwebkit2gtk-4_0-37-2.28.4-lp152.2.4 is installed OR libwebkit2gtk-4_0-37-32bit-2.28.4-lp152.2.4 is installed OR libwebkit2gtk3-lang-2.28.4-lp152.2.4 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.4-lp152.2.4 is installed OR typelib-1_0-WebKit2-4_0-2.28.4-lp152.2.4 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-lp152.2.4 is installed OR webkit-jsc-4-2.28.4-lp152.2.4 is installed OR webkit2gtk-4_0-injected-bundles-2.28.4-lp152.2.4 is installed OR webkit2gtk3-2.28.4-lp152.2.4 is installed OR webkit2gtk3-devel-2.28.4-lp152.2.4 is installed OR webkit2gtk3-minibrowser-2.28.4-lp152.2.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information qemu-2.9.0-6.3 is installed OR qemu-arm-2.9.0-6.3 is installed OR qemu-block-curl-2.9.0-6.3 is installed OR qemu-block-rbd-2.9.0-6.3 is installed OR qemu-block-ssh-2.9.0-6.3 is installed OR qemu-guest-agent-2.9.0-6.3 is installed OR qemu-ipxe-1.0.0-6.3 is installed OR qemu-kvm-2.9.0-6.3 is installed OR qemu-lang-2.9.0-6.3 is installed OR qemu-ppc-2.9.0-6.3 is installed OR qemu-s390-2.9.0-6.3 is installed OR qemu-seabios-1.10.2-6.3 is installed OR qemu-sgabios-8-6.3 is installed OR qemu-tools-2.9.0-6.3 is installed OR qemu-vgabios-1.10.2-6.3 is installed OR qemu-x86-2.9.0-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libspice-client-glib-2_0-8-0.33-3.9 is installed OR libspice-client-glib-helper-0.33-3.9 is installed OR libspice-client-gtk-3_0-5-0.33-3.9 is installed OR libspice-controller0-0.33-3.9 is installed OR spice-gtk-0.33-3.9 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.33-3.9 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.33-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND permissions-2015.09.28.1626-17.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information qemu-2.9.1-6.44 is installed OR qemu-arm-2.9.1-6.44 is installed OR qemu-block-curl-2.9.1-6.44 is installed OR qemu-block-iscsi-2.9.1-6.44 is installed OR qemu-block-rbd-2.9.1-6.44 is installed OR qemu-block-ssh-2.9.1-6.44 is installed OR qemu-guest-agent-2.9.1-6.44 is installed OR qemu-ipxe-1.0.0+-6.44 is installed OR qemu-kvm-2.9.1-6.44 is installed OR qemu-lang-2.9.1-6.44 is installed OR qemu-ppc-2.9.1-6.44 is installed OR qemu-s390-2.9.1-6.44 is installed OR qemu-seabios-1.10.2-6.44 is installed OR qemu-sgabios-8-6.44 is installed OR qemu-tools-2.9.1-6.44 is installed OR qemu-vgabios-1.10.2-6.44 is installed OR qemu-x86-2.9.1-6.44 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ovmf-2017+git1492060560.b6d11d7c46-4.26 is installed OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.26 is installed OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information krb5-1.12.5-40.28 is installed OR krb5-32bit-1.12.5-40.28 is installed OR krb5-client-1.12.5-40.28 is installed OR krb5-doc-1.12.5-40.28 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.28 is installed OR krb5-plugin-preauth-otp-1.12.5-40.28 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.28 is installed OR krb5-server-1.12.5-40.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information kernel-default-4.12.14-95.57 is installed OR kernel-default-base-4.12.14-95.57 is installed OR kernel-default-devel-4.12.14-95.57 is installed OR kernel-devel-4.12.14-95.57 is installed OR kernel-macros-4.12.14-95.57 is installed OR kernel-source-4.12.14-95.57 is installed OR kernel-syms-4.12.14-95.57 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND ucode-intel-20201118-13.81 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information libX11-1.6.2-12.8 is installed OR libX11-6-1.6.2-12.8 is installed OR libX11-6-32bit-1.6.2-12.8 is installed OR libX11-data-1.6.2-12.8 is installed OR libX11-xcb1-1.6.2-12.8 is installed OR libX11-xcb1-32bit-1.6.2-12.8 is installed OR libxcb-1.10-4.5 is installed OR libxcb-dri2-0-1.10-4.5 is installed OR libxcb-dri2-0-32bit-1.10-4.5 is installed OR libxcb-dri3-0-1.10-4.5 is installed OR libxcb-dri3-0-32bit-1.10-4.5 is installed OR libxcb-glx0-1.10-4.5 is installed OR libxcb-glx0-32bit-1.10-4.5 is installed OR libxcb-present0-1.10-4.5 is installed OR libxcb-present0-32bit-1.10-4.5 is installed OR libxcb-randr0-1.10-4.5 is installed OR libxcb-render0-1.10-4.5 is installed OR libxcb-render0-32bit-1.10-4.5 is installed OR libxcb-shape0-1.10-4.5 is installed OR libxcb-shm0-1.10-4.5 is installed OR libxcb-shm0-32bit-1.10-4.5 is installed OR libxcb-sync1-1.10-4.5 is installed OR libxcb-sync1-32bit-1.10-4.5 is installed OR libxcb-xf86dri0-1.10-4.5 is installed OR libxcb-xfixes0-1.10-4.5 is installed OR libxcb-xfixes0-32bit-1.10-4.5 is installed OR libxcb-xinerama0-1.10-4.5 is installed OR libxcb-xkb1-1.10-4.5 is installed OR libxcb-xkb1-32bit-1.10-4.5 is installed OR libxcb-xv0-1.10-4.5 is installed OR libxcb1-1.10-4.5 is installed OR libxcb1-32bit-1.10-4.5 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed