OVAL Reference oval:org.opensuse.security:def:85053

Oval Definition:

oval:org.opensuse.security:def:85053

Revision Date:	2018-12-20	Version:	1
Title:	Security update for ovmf (Moderate)
Description:	This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE (bsc#1115916). - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c (bsc#1115917). - CVE-2017-5732: Fixed privilege escalation via processing of malformed files in BaseUefiDecompressLib.c (bsc#1115917). - CVE-2017-5733: Fixed privilege escalation via heap-based buffer overflow in MakeTable() function (bsc#1115917). - CVE-2017-5734: Fixed privilege escalation via stack-based buffer overflow in MakeTable() function (bsc#1115917). - CVE-2017-5735: Fixed privilege escalation via heap-based buffer overflow in Decode() function (bsc#1115917).
Family:	unix	Class:	patch
Status:		Reference(s):	1115916 1115917 CVE-2017-5731 CVE-2017-5732 CVE-2017-5733 CVE-2017-5734 CVE-2017-5735 CVE-2018-3613 SUSE-SU-2018:4207-1
Platform(s):	SUSE Linux Enterprise Server 12 SP3	Product(s):
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information ovmf-2017+git1492060560.b6d11d7c46-4.17.1 is installed OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.17.1 is installed OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.17.1 is installed OR qemu-uefi-aarch64-2017+git1492060560.b6d11d7c46-4.17.1 is installed