SUSE-SU-2020:2171-1

Опубликовано: 07 авг. 2020

Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

bsc#1174543 - secure boot related fixes
bsc#1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf() usages

Список пакетов

HPE Helion OpenStack 8

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

SUSE Enterprise Storage 5

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

SUSE Linux Enterprise Server 12 SP3-BCL

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

SUSE Linux Enterprise Server 12 SP3-LTSS

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

SUSE OpenStack Cloud 8

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

SUSE OpenStack Cloud Crowbar 8

xen-4.9.4_10-3.71.1

xen-doc-html-4.9.4_10-3.71.1

xen-libs-4.9.4_10-3.71.1

xen-libs-32bit-4.9.4_10-3.71.1

xen-tools-4.9.4_10-3.71.1

xen-tools-domU-4.9.4_10-3.71.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202171-1/
Link for SUSE-SU-2020:2171-1
https://lists.suse.com/pipermail/sle-security-updates/2020-August/007243.html
E-Mail link for SUSE-SU-2020:2171-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1163019
SUSE Bug 1163019
https://bugzilla.suse.com/1174543
SUSE Bug 1174543
https://www.suse.com/security/cve/CVE-2020-8608/
SUSE CVE CVE-2020-8608 page

Описание

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

Затронутые продукты

HPE Helion OpenStack 8:xen-4.9.4_10-3.71.1

HPE Helion OpenStack 8:xen-doc-html-4.9.4_10-3.71.1

HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_10-3.71.1

HPE Helion OpenStack 8:xen-libs-4.9.4_10-3.71.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-8608.html
CVE-2020-8608
https://bugzilla.suse.com/1163018
SUSE Bug 1163018
https://bugzilla.suse.com/1163019
SUSE Bug 1163019

SUSE-SU-2020:2171-1

Описание

Список пакетов

HPE Helion OpenStack 8

SUSE Enterprise Storage 5

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud Crowbar 8

Ссылки

Уязвимость: CVE-2020-8608

Описание

Затронутые продукты

Ссылки