Oval Definition:	oval:org.opensuse.security:def:63653
Revision Date: 2020-12-01 Version: 1 Title: Security update for ovmf (Moderate) Description: This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE (bsc#1115916). - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c (bsc#1115917). - CVE-2017-5732: Fixed privilege escalation via processing of malformed files in BaseUefiDecompressLib.c (bsc#1115917). - CVE-2017-5733: Fixed privilege escalation via heap-based buffer overflow in MakeTable() function (bsc#1115917). - CVE-2017-5734: Fixed privilege escalation via stack-based buffer overflow in MakeTable() function (bsc#1115917). - CVE-2017-5735: Fixed privilege escalation via heap-based buffer overflow in Decode() function (bsc#1115917). Non security issues fixed: - Fixed an issue with the default owner of PK/KEK/db/dbx and make the auto-enrollment only happen at the very first time. (bsc#1117998) Family: unix Class: patch Status: Reference(s): 1010675 1110146 1111331 1115916 1115917 1117998 1126613 1131291 1150003 1150250 1154183 1155787 1156767 1160726 1167068 1168874 1170558 1171363 1173107 1173187 1173188 1173251 1173254 1173292 1178067 1178588 682920 CVE-2016-9318 CVE-2017-2518 CVE-2017-5731 CVE-2017-5732 CVE-2017-5733 CVE-2017-5734 CVE-2017-5735 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-3613 CVE-2019-11091 CVE-2019-1547 CVE-2019-1563 CVE-2020-12108 CVE-2020-12137 CVE-2020-26950 CVE-2020-27560 CVE-2020-6509 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6827 CVE-2020-6828 CVE-2020-7040 CVE-2020-8015 openSUSE-SU-2020:0119-1 openSUSE-SU-2020:0491-1 openSUSE-SU-2020:0887-1 openSUSE-SU-2020:1884-1 SUSE-SU-2018:4194-1 SUSE-SU-2019:1296-1 SUSE-SU-2019:1896-1 SUSE-SU-2019:2504-1 SUSE-SU-2019:3050-1 SUSE-SU-2020:0978-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:3331-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND storeBackup-3.5-lp151.5.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information ImageMagick-7.0.7.34-lp152.12.6 is installed OR ImageMagick-config-7-SUSE-7.0.7.34-lp152.12.6 is installed OR ImageMagick-config-7-upstream-7.0.7.34-lp152.12.6 is installed OR ImageMagick-devel-7.0.7.34-lp152.12.6 is installed OR ImageMagick-devel-32bit-7.0.7.34-lp152.12.6 is installed OR ImageMagick-doc-7.0.7.34-lp152.12.6 is installed OR ImageMagick-extra-7.0.7.34-lp152.12.6 is installed OR libMagick++-7_Q16HDRI4-7.0.7.34-lp152.12.6 is installed OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp152.12.6 is installed OR libMagick++-devel-7.0.7.34-lp152.12.6 is installed OR libMagick++-devel-32bit-7.0.7.34-lp152.12.6 is installed OR libMagickCore-7_Q16HDRI6-7.0.7.34-lp152.12.6 is installed OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp152.12.6 is installed OR libMagickWand-7_Q16HDRI6-7.0.7.34-lp152.12.6 is installed OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp152.12.6 is installed OR perl-PerlMagick-7.0.7.34-lp152.12.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-3.5 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-3.5 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.5 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information MozillaFirefox-78.4.1-112.32 is installed OR MozillaFirefox-devel-78.4.1-112.32 is installed OR MozillaFirefox-translations-common-78.4.1-112.32 is installed
BACK