Oval Definition:oval:org.opensuse.security:def:63808
Revision Date:2020-12-01Version:1
Title:Security update for xen (Important)
Description:

This update for xen to version 4.11.2 fixes the following issues:

Security issues fixed:

- CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service (bsc#1149813). - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service (bsc#1146874). - CVE-2019-14378: Fixed a heap buffer overflow in SLiRp networking implementation of QEMU emulator which could have led to execution of arbitrary code with privileges of the QEMU process (bsc#1143797).

Other issues fixed:

- Fixed an HPS bug which did not allow to install Windows Server 2016 with 2 CPUs setting or above (bsc#1137717). - Fixed a segmentation fault in Libvrtd during live migration to a VM (bsc#1145774). - Fixed an issue where libxenlight could not create new domain (bsc#1131811). - Fixed an issue where attached pci devices were lost after reboot (bsc#1129642). - Fixed an issue where Xen could not pre-allocate 1 shadow page (bsc#1145240).
Family:unixClass:patch
Status:Reference(s):1027519
1061210
1105173
1111331
1121448
1123823
1123828
1123832
1125330
1126140
1126141
1126192
1126195
1126196
1126197
1126198
1126201
1127400
1127987
1129642
1129821
1130262
1131811
1136183
1137717
1138294
1138793
1143797
1144522
1145240
1145774
1146874
1148987
1149813
1152684
1155338
1155339
1158910
1159740
1169628
1172686
1173937
1176589
1176756
1177872
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2018-20174
CVE-2018-20175
CVE-2018-20176
CVE-2018-20177
CVE-2018-20178
CVE-2018-20179
CVE-2018-20180
CVE-2018-20181
CVE-2018-20182
CVE-2018-20748
CVE-2018-20749
CVE-2018-20750
CVE-2018-8791
CVE-2018-8792
CVE-2018-8793
CVE-2018-8794
CVE-2018-8795
CVE-2018-8796
CVE-2018-8797
CVE-2018-8798
CVE-2018-8799
CVE-2018-8800
CVE-2019-11091
CVE-2019-12068
CVE-2019-13627
CVE-2019-14378
CVE-2019-15890
CVE-2019-17340
CVE-2019-17341
CVE-2019-17342
CVE-2019-17343
CVE-2019-17344
CVE-2019-17345
CVE-2019-17346
CVE-2019-17347
CVE-2019-17348
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
CVE-2019-9853
CVE-2020-15095
CVE-2020-15683
CVE-2020-15969
CVE-2020-2741
CVE-2020-2742
CVE-2020-2743
CVE-2020-2748
CVE-2020-2758
CVE-2020-2894
CVE-2020-2902
CVE-2020-2905
CVE-2020-2907
CVE-2020-2908
CVE-2020-2909
CVE-2020-2910
CVE-2020-2911
CVE-2020-2913
CVE-2020-2914
CVE-2020-2929
CVE-2020-2951
CVE-2020-2958
CVE-2020-2959
CVE-2020-8016
CVE-2020-8017
CVE-2020-8252
openSUSE-SU-2019:1491-1
openSUSE-SU-2019:2135-1
openSUSE-SU-2020:0022-1
openSUSE-SU-2020:0925-1
openSUSE-SU-2020:1660-1
SUSE-SU-2019:0313-1
SUSE-SU-2019:0852-1
SUSE-SU-2019:2753-1
SUSE-SU-2020:0372-1
SUSE-SU-2020:1581-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • GraphicsMagick-1.3.29-lp151.4.3 is installed
  • OR GraphicsMagick-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick++-devel-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagick3-config-1.3.29-lp151.4.3 is installed
  • OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.3 is installed
  • OR perl-GraphicsMagick-1.3.29-lp151.4.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • nodejs10-10.22.1-lp152.2.6 is installed
  • OR nodejs10-devel-10.22.1-lp152.2.6 is installed
  • OR nodejs10-docs-10.22.1-lp152.2.6 is installed
  • OR npm10-10.22.1-lp152.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • xen-4.11.2_02-2.14 is installed
  • OR xen-doc-html-4.11.2_02-2.14 is installed
  • OR xen-libs-4.11.2_02-2.14 is installed
  • OR xen-libs-32bit-4.11.2_02-2.14 is installed
  • OR xen-tools-4.11.2_02-2.14 is installed
  • OR xen-tools-domU-4.11.2_02-2.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-78.4.0-112.28 is installed
  • OR MozillaFirefox-devel-78.4.0-112.28 is installed
  • OR MozillaFirefox-translations-common-78.4.0-112.28 is installed
    • BACK