OVAL Reference oval:org.opensuse.security:def:69123

Oval Definition:

oval:org.opensuse.security:def:69123

Revision Date:	2021-06-10	Version:	1
Title:	Security update for qemu (Important)
Description:	This update for qemu fixes the following issues: * - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream (bsc#1181103) - Fix OOB access in sdhci interface (CVE-2020-17380, bsc#1175144, CVE-2020-25085, bsc#1176681, CVE-2021-3409, bsc#1182282) - Fix potential privilege escalation in virtiofsd tool (CVE-2021-20263, bsc#1183373) - Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416, bsc#1182968) - Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290) - For the record, these issues are fixed in this package already. Most are alternate references to previously mentioned issues: (CVE-2019-15890, bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534, CVE-2020-25707, bsc#1178683, CVE-2020-25723, bsc#1178935, CVE-2020-29130, bsc#1179477, CVE-2020-29129, bsc#1179484, CVE-2021-3419, bsc#1182975)
Family:	unix	Class:	patch
Status:		Reference(s):	1103203 1132665 1144903 1149813 1149841 1151021 1153108 1153158 1153161 1163019 1166238 1175144 1175534 1176681 1178683 1178935 1179477 1179484 1179686 1181103 1182282 1182425 1182968 1182975 1183373 1186290 904970 907150 920615 920633 930408 CVE-2019-10220 CVE-2019-14835 CVE-2019-15890 CVE-2019-17133 CVE-2019-20503 CVE-2020-14364 CVE-2020-17380 CVE-2020-25085 CVE-2020-25707 CVE-2020-25723 CVE-2020-27821 CVE-2020-29129 CVE-2020-29130 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-8608 CVE-2021-20263 CVE-2021-3409 CVE-2021-3416 CVE-2021-3419 SUSE-SU-2019:2864-1 SUSE-SU-2020:0686-1 SUSE-SU-2021:1942-1
Platform(s):	SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2	Product(s):
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_15-default-3-2 is installed OR kernel-livepatch-SLE15-SP1_Update_4-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information MozillaFirefox-68.6.0-3.75 is installed OR MozillaFirefox-branding-upstream-68.6.0-3.75 is installed OR MozillaFirefox-buildsymbols-68.6.0-3.75 is installed OR MozillaFirefox-devel-68.6.0-3.75 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed AND Package Information qemu-5.2.0-17.1 is installed OR qemu-arm-5.2.0-17.1 is installed OR qemu-audio-alsa-5.2.0-17.1 is installed OR qemu-audio-pa-5.2.0-17.1 is installed OR qemu-audio-spice-5.2.0-17.1 is installed OR qemu-block-curl-5.2.0-17.1 is installed OR qemu-block-iscsi-5.2.0-17.1 is installed OR qemu-block-rbd-5.2.0-17.1 is installed OR qemu-block-ssh-5.2.0-17.1 is installed OR qemu-chardev-baum-5.2.0-17.1 is installed OR qemu-chardev-spice-5.2.0-17.1 is installed OR qemu-guest-agent-5.2.0-17.1 is installed OR qemu-hw-display-qxl-5.2.0-17.1 is installed OR qemu-hw-display-virtio-gpu-5.2.0-17.1 is installed OR qemu-hw-display-virtio-gpu-pci-5.2.0-17.1 is installed OR qemu-hw-display-virtio-vga-5.2.0-17.1 is installed OR qemu-hw-s390x-virtio-gpu-ccw-5.2.0-17.1 is installed OR qemu-hw-usb-redirect-5.2.0-17.1 is installed OR qemu-ipxe-1.0.0+-17.1 is installed OR qemu-ksm-5.2.0-17.1 is installed OR qemu-kvm-5.2.0-17.1 is installed OR qemu-lang-5.2.0-17.1 is installed OR qemu-ppc-5.2.0-17.1 is installed OR qemu-s390x-5.2.0-17.1 is installed OR qemu-seabios-1.14.0_0_g155821a-17.1 is installed OR qemu-sgabios-8-17.1 is installed OR qemu-skiboot-5.2.0-17.1 is installed OR qemu-ui-curses-5.2.0-17.1 is installed OR qemu-ui-gtk-5.2.0-17.1 is installed OR qemu-ui-opengl-5.2.0-17.1 is installed OR qemu-ui-spice-app-5.2.0-17.1 is installed OR qemu-ui-spice-core-5.2.0-17.1 is installed OR qemu-vgabios-1.14.0_0_g155821a-17.1 is installed OR qemu-x86-5.2.0-17.1 is installed

BACK