Oval Definition:oval:org.opensuse.security:def:64049
Revision Date:2020-12-01Version:1
Title:Security update for grub2 (Important)
Description:

This update for grub2 fixes the following issues:

- Fix for CVE-2020-10713 (bsc#1168994) - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) - Fix for CVE-2020-15706 (bsc#1174463) - Fix for CVE-2020-15707 (bsc#1174570) - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur - Use gcc-9 compiler for overflow check builtins - Backport gcc-9 build fixes
Family:unixClass:patch
Status:Reference(s):1123919
1137496
1137497
1144065
1168994
1172731
1173812
1174463
1174570
1174662
1176631
1177914
985657
CVE-2016-3189
CVE-2019-10214
CVE-2019-11768
CVE-2019-12616
CVE-2020-10713
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-15706
CVE-2020-15707
CVE-2020-15999
CVE-2020-8024
CVE-2020-9862
CVE-2020-9893
CVE-2020-9894
CVE-2020-9895
CVE-2020-9915
CVE-2020-9925
openSUSE-SU-2019:1435-1
openSUSE-SU-2019:1689-1
openSUSE-SU-2019:2137-1
openSUSE-SU-2019:2612-1
openSUSE-SU-2020:0958-1
openSUSE-SU-2020:1591-1
SUSE-SU-2020:2232-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • bzip2-1.0.6-lp151.5.3 is installed
  • OR bzip2-doc-1.0.6-lp151.5.3 is installed
  • OR libbz2-1-1.0.6-lp151.5.3 is installed
  • OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed
  • OR libbz2-devel-1.0.6-lp151.5.3 is installed
  • OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • grub2-2.02-12.31 is installed
  • OR grub2-arm64-efi-2.02-12.31 is installed
  • OR grub2-i386-pc-2.02-12.31 is installed
  • OR grub2-snapper-plugin-2.02-12.31 is installed
  • OR grub2-systemd-sleep-plugin-2.02-12.31 is installed
  • OR grub2-x86_64-efi-2.02-12.31 is installed
  • OR grub2-x86_64-xen-2.02-12.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.4-2.59 is installed
  • OR libwebkit2gtk-4_0-37-2.28.4-2.59 is installed
  • OR libwebkit2gtk3-lang-2.28.4-2.59 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.4-2.59 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.4-2.59 is installed
  • OR webkit2gtk3-2.28.4-2.59 is installed
  • BACK