Oval Definition: oval:org.opensuse.security:def:95391
Revision Date: 2022-06-10
Version: 1
Title: Security update for grub2 (Important)
Description:

This update for grub2 fixes the following issues:

This update provides security fixes and hardenings for Boothole 3 / Boothole 2022 (bsc#1198581)

- CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184)
- CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185)
- CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186)
- CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460)
- CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493)
- CVE-2022-28735: Fixed some verifier framework changes (bsc#1198495)
- CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496)
- Update SBAT security contact (bsc#1193282)
- Bump grub's SBAT generation to 2

- Use boot disks in OpenFirmware, fixing regression caused when the root LV is completely in the boot LUN (bsc#1197948)
Family: unix
Class: patch
Status:
Reference(s):
1040364
1127650
1135481
1152489
1160010
1167032
1168202
1174969
1175052
1175543
1177399
1180141
1180347
1181148
1181972
1184114
1184180
1185675
1185902
1186264
1186731
1187211
1187455
1187468
1187619
1188067
1188172
1188418
1188439
1188616
1188780
1188781
1188782
1188783
1188784
1188786
1188787
1188788
1188790
1188878
1188885
1188924
1188982
1188983
1188985
1189021
1189057
1189077
1189153
1189197
1189209
1189210
1189212
1189213
1189214
1189215
1189216
1189217
1189218
1189219
1189220
1189221
1189222
1189229
1189262
1189291
1189292
1189298
1189301
1189305
1189323
1189384
1189385
1189392
1189399
1189400
1189427
1189449
1189503
1189504
1189505
1189506
1189507
1189562
1189563
1189564
1189565
1189566
1189567
1189568
1189569
1189573
1189574
1189575
1189576
1189577
1189579
1189581
1189582
1189583
1189585
1189586
1189587
1189706
1189760
1189832
1189841
1189870
1189883
1190025
1190115
1190117
1190131
1190181
1191184
1191185
1191186
1193282
1197948
1198460
1198493
1198495
1198496
1198581
CVE-2021-34556
CVE-2021-35477
CVE-2021-3640
CVE-2021-3653
CVE-2021-3656
CVE-2021-3679
CVE-2021-3695
CVE-2021-3696
CVE-2021-3697
CVE-2021-3732
CVE-2021-3739
CVE-2021-3743
CVE-2021-3753
CVE-2021-3759
CVE-2021-38160
CVE-2021-38198
CVE-2021-38204
CVE-2021-38205
CVE-2021-38207
CVE-2022-28733
CVE-2022-28734
CVE-2022-28735
CVE-2022-28736
SUSE-SU-2022:2035-1
Platform(s):
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP4
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND grub2-x86_64-xen-2.06-150400.11.5.2 is installed