OVAL Reference oval:org.opensuse.security:def:912

Oval Definition:

oval:org.opensuse.security:def:912

Revision Date:	2022-06-13	Version:	1
Title:	Security update for grub2 (Important)
Description:	This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581) - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184) - CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185) - CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186) - CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460) - CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493) - CVE-2022-28735: Fixed some verifier framework changes (bsc#1198495) - CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496) - Update SBAT security contact (bsc#1193282) - Bump grub's SBAT generation to 2 - Use boot disks in OpenFirmware, fixing regression caused when the root LV is completely in the boot LUN (bsc#1197948)
Family:	unix	Class:	patch
Status:		Reference(s):	1191184 1191185 1191186 1193282 1197948 1198460 1198493 1198495 1198496 1198581 CVE-2012-1152 CVE-2012-1152 CVE-2013-6393 CVE-2013-6393 CVE-2014-2525 CVE-2014-2525 CVE-2014-4877 CVE-2014-9130 CVE-2014-9130 CVE-2015-7665 CVE-2016-4971 CVE-2017-13089 CVE-2017-13090 CVE-2017-6508 CVE-2018-0494 CVE-2018-20483 CVE-2019-5953 CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 CVE-2022-28736 SUSE-SU-2022:2064-1
Platform(s):	openSUSE 13.2 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Storage 7.1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.1 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 12 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND krb5-appl-clients-1.0.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND wget-1.20.3-3.9.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND Package Information grub2-2.04-150300.22.20.2 is installed OR grub2-arm64-efi-2.04-150300.22.20.2 is installed OR grub2-i386-pc-2.04-150300.22.20.2 is installed OR grub2-powerpc-ieee1275-2.04-150300.22.20.2 is installed OR grub2-s390x-emu-2.04-150300.22.20.2 is installed OR grub2-snapper-plugin-2.04-150300.22.20.2 is installed OR grub2-systemd-sleep-plugin-2.04-150300.22.20.2 is installed OR grub2-x86_64-efi-2.04-150300.22.20.2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.6 is installed OR dlm-kmp-default-4.12.14-25.6 is installed OR gfs2-kmp-default-4.12.14-25.6 is installed OR kernel-default-4.12.14-25.6 is installed OR ocfs2-kmp-default-4.12.14-25.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information glib2-2.54.3-4.7 is installed OR glib2-devel-32bit-2.54.3-4.7 is installed OR glib2-tools-32bit-2.54.3-4.7 is installed OR libgthread-2_0-0-32bit-2.54.3-4.7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND wget-1.20.3-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information kernel-docs-4.12.14-150.14 is installed OR kernel-obs-build-4.12.14-150.14 is installed OR kernel-source-4.12.14-150.14 is installed OR kernel-syms-4.12.14-150.14 is installed OR kernel-vanilla-4.12.14-150.14 is installed OR kernel-vanilla-base-4.12.14-150.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed AND perl-YAML-LibYAML-0.59-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2n-3.3 is installed OR libopenssl1_0_0-1.0.2n-3.3 is installed OR openssl-1_0_0-1.0.2n-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND kernel-livepatch-tools-1.1-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information lua53-5.3.4-3.3 is installed OR lua53-doc-5.3.4-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openslp-2.0.0-6.3 is installed OR openslp-server-2.0.0-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.11.3-3.5 is installed OR nodejs8-devel-8.11.3-3.5 is installed OR nodejs8-docs-8.11.3-3.5 is installed OR npm8-8.11.3-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information libapr-util1-1.5.3-1.77 is installed OR libapr-util1-dbd-sqlite3-1.5.3-1.77 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXt6-1.1.4-3.59 is installed OR libXt6-32bit-1.1.4-3.59 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.6 is installed OR kernel-default-extra-4.12.14-25.6 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information irssi-0.8.20-9 is installed OR irssi-devel-0.8.20-9 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND Package Information ffmpeg-4-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libavcodec-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libavdevice-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libavfilter-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libavformat-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libavresample-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libavutil-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libpostproc-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libswresample-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-libswscale-devel-4.0.2-bp150.3.3 is installed OR ffmpeg-4-private-devel-4.0.2-bp150.3.3 is installed OR libavcodec58-4.0.2-bp150.3.3 is installed OR libavcodec58-32bit-4.0.2-13 is installed OR libavcodec58-64bit-4.0.2-bp150.3.3 is installed OR libavdevice58-4.0.2-bp150.3.3 is installed OR libavdevice58-32bit-4.0.2-13 is installed OR libavdevice58-64bit-4.0.2-bp150.3.3 is installed OR libavfilter7-4.0.2-bp150.3.3 is installed OR libavfilter7-32bit-4.0.2-13 is installed OR libavfilter7-64bit-4.0.2-bp150.3.3 is installed OR libavformat58-4.0.2-bp150.3.3 is installed OR libavformat58-32bit-4.0.2-13 is installed OR libavformat58-64bit-4.0.2-bp150.3.3 is installed OR libavresample4-4.0.2-bp150.3.3 is installed OR libavresample4-32bit-4.0.2-13 is installed OR libavresample4-64bit-4.0.2-bp150.3.3 is installed OR libavutil56-4.0.2-bp150.3.3 is installed OR libavutil56-32bit-4.0.2-13 is installed OR libavutil56-64bit-4.0.2-bp150.3.3 is installed OR libpostproc55-4.0.2-bp150.3.3 is installed OR libpostproc55-32bit-4.0.2-13 is installed OR libpostproc55-64bit-4.0.2-bp150.3.3 is installed OR libswresample3-4.0.2-bp150.3.3 is installed OR libswresample3-32bit-4.0.2-13 is installed OR libswresample3-64bit-4.0.2-bp150.3.3 is installed OR libswscale5-4.0.2-bp150.3.3 is installed OR libswscale5-32bit-4.0.2-13 is installed OR libswscale5-64bit-4.0.2-bp150.3.3 is installed

BACK