OVAL Reference oval:org.opensuse.security:def:1083

Oval Definition:

oval:org.opensuse.security:def:1083

Revision Date:	2022-02-17	Version:	1
Title:	Security update for tiff (Important)
Description:	This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031). - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365). - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312). - CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808). - CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809). - CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811). - CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812). - CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).
Family:	unix	Class:	patch
Status:		Reference(s):	1071031 1154365 1182808 1182809 1182811 1182812 1190312 1194539 CVE-2006-7243 CVE-2006-7243 CVE-2010-2225 CVE-2010-2225 CVE-2010-2950 CVE-2010-2950 CVE-2010-3436 CVE-2010-3436 CVE-2010-3709 CVE-2010-3709 CVE-2010-3710 CVE-2010-3710 CVE-2010-4150 CVE-2010-4150 CVE-2010-4645 CVE-2010-4645 CVE-2011-0420 CVE-2011-0420 CVE-2011-0421 CVE-2011-0421 CVE-2011-0708 CVE-2011-0708 CVE-2011-1092 CVE-2011-1092 CVE-2011-1153 CVE-2011-1153 CVE-2011-1466 CVE-2011-1466 CVE-2011-2202 CVE-2011-2202 CVE-2011-3379 CVE-2011-3379 CVE-2011-4153 CVE-2011-4153 CVE-2011-4566 CVE-2011-4566 CVE-2011-4718 CVE-2011-4718 CVE-2011-4885 CVE-2011-4885 CVE-2012-0830 CVE-2012-0830 CVE-2012-1823 CVE-2012-1823 CVE-2012-2311 CVE-2012-2311 CVE-2012-2335 CVE-2012-2335 CVE-2012-2336 CVE-2012-2336 CVE-2012-2688 CVE-2012-2688 CVE-2012-3365 CVE-2012-3365 CVE-2013-1635 CVE-2013-1635 CVE-2013-1643 CVE-2013-1643 CVE-2013-1824 CVE-2013-1824 CVE-2013-4113 CVE-2013-4113 CVE-2013-4248 CVE-2013-4248 CVE-2013-6420 CVE-2013-6420 CVE-2013-6712 CVE-2013-6712 CVE-2013-7327 CVE-2013-7327 CVE-2013-7345 CVE-2013-7345 CVE-2014-0185 CVE-2014-0185 CVE-2014-0237 CVE-2014-0237 CVE-2014-0238 CVE-2014-0238 CVE-2014-1943 CVE-2014-1943 CVE-2014-2270 CVE-2014-2270 CVE-2014-2497 CVE-2014-2497 CVE-2014-3538 CVE-2014-3538 CVE-2014-3587 CVE-2014-3587 CVE-2014-3597 CVE-2014-3597 CVE-2014-3622 CVE-2014-3622 CVE-2014-3668 CVE-2014-3668 CVE-2014-3669 CVE-2014-3669 CVE-2014-3670 CVE-2014-3670 CVE-2014-4049 CVE-2014-4049 CVE-2014-4607 CVE-2014-4670 CVE-2014-4670 CVE-2014-4698 CVE-2014-4698 CVE-2014-5120 CVE-2014-5120 CVE-2014-5459 CVE-2014-5459 CVE-2014-9426 CVE-2014-9426 CVE-2014-9427 CVE-2014-9427 CVE-2015-0231 CVE-2015-0231 CVE-2015-0232 CVE-2015-0232 CVE-2015-0235 CVE-2015-0235 CVE-2015-0273 CVE-2015-0273 CVE-2015-1351 CVE-2015-1351 CVE-2015-1352 CVE-2015-1352 CVE-2015-2305 CVE-2015-2305 CVE-2015-2325 CVE-2015-2325 CVE-2015-2326 CVE-2015-2326 CVE-2015-2331 CVE-2015-2331 CVE-2015-3152 CVE-2015-3152 CVE-2015-3414 CVE-2015-3414 CVE-2015-3415 CVE-2015-3415 CVE-2015-3416 CVE-2015-3416 CVE-2017-17095 CVE-2019-17546 CVE-2019-3827 CVE-2020-19131 CVE-2020-35521 CVE-2020-35522 CVE-2020-35523 CVE-2020-35524 CVE-2022-22844 SUSE-SU-2022:0480-1
Platform(s):	openSUSE 13.2 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 7.1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 12 SP1 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND puppet-3.8.5-14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND Package Information liblzo2-2-2.10-2.22 is installed OR lzo-devel-2.10-2.22 is installed OR lzo-devel-static-2.10-2.22 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND libtiff5-32bit-4.0.9-45.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-sprockets-3.7.2-3.3 is installed OR rubygem-sprockets-3.7.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information libxmlsec1-gcrypt1-1.2.26-3.3 is installed OR libxmlsec1-gnutls1-1.2.26-3.3 is installed OR libxmlsec1-openssl1-1.2.26-3.3 is installed OR xmlsec1-1.2.26-3.3 is installed OR xmlsec1-gnutls-devel-1.2.26-3.3 is installed OR xmlsec1-openssl-devel-1.2.26-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information gvfs-1.34.2.1-4.6 is installed OR gvfs-backend-afc-1.34.2.1-4.6 is installed OR gvfs-backend-samba-1.34.2.1-4.6 is installed OR gvfs-backends-1.34.2.1-4.6 is installed OR gvfs-devel-1.34.2.1-4.6 is installed OR gvfs-fuse-1.34.2.1-4.6 is installed OR gvfs-lang-1.34.2.1-4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-150.17 is installed OR reiserfs-kmp-default-4.12.14-150.17 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-2-2 is installed OR kernel-livepatch-SLE15_Update_1-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information php7-7.2.5-4.35 is installed OR php7-embed-7.2.5-4.35 is installed OR php7-readline-7.2.5-4.35 is installed OR php7-sodium-7.2.5-4.35 is installed OR php7-tidy-7.2.5-4.35 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.5 is installed OR kernel-azure-base-4.12.14-5.5 is installed OR kernel-azure-devel-4.12.14-5.5 is installed OR kernel-devel-azure-4.12.14-5.5 is installed OR kernel-source-azure-4.12.14-5.5 is installed OR kernel-syms-azure-4.12.14-5.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openslp-2.0.0-6.3 is installed OR openslp-server-2.0.0-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-2 is installed OR php7-7.2.5-2 is installed OR php7-bcmath-7.2.5-2 is installed OR php7-bz2-7.2.5-2 is installed OR php7-calendar-7.2.5-2 is installed OR php7-ctype-7.2.5-2 is installed OR php7-curl-7.2.5-2 is installed OR php7-dba-7.2.5-2 is installed OR php7-devel-7.2.5-2 is installed OR php7-dom-7.2.5-2 is installed OR php7-enchant-7.2.5-2 is installed OR php7-exif-7.2.5-2 is installed OR php7-fastcgi-7.2.5-2 is installed OR php7-fileinfo-7.2.5-2 is installed OR php7-fpm-7.2.5-2 is installed OR php7-ftp-7.2.5-2 is installed OR php7-gd-7.2.5-2 is installed OR php7-gettext-7.2.5-2 is installed OR php7-gmp-7.2.5-2 is installed OR php7-iconv-7.2.5-2 is installed OR php7-intl-7.2.5-2 is installed OR php7-json-7.2.5-2 is installed OR php7-ldap-7.2.5-2 is installed OR php7-mbstring-7.2.5-2 is installed OR php7-mysql-7.2.5-2 is installed OR php7-odbc-7.2.5-2 is installed OR php7-opcache-7.2.5-2 is installed OR php7-openssl-7.2.5-2 is installed OR php7-pcntl-7.2.5-2 is installed OR php7-pdo-7.2.5-2 is installed OR php7-pear-7.2.5-2 is installed OR php7-pear-Archive_Tar-7.2.5-2 is installed OR php7-pgsql-7.2.5-2 is installed OR php7-phar-7.2.5-2 is installed OR php7-posix-7.2.5-2 is installed OR php7-shmop-7.2.5-2 is installed OR php7-snmp-7.2.5-2 is installed OR php7-soap-7.2.5-2 is installed OR php7-sockets-7.2.5-2 is installed OR php7-sqlite-7.2.5-2 is installed OR php7-sysvmsg-7.2.5-2 is installed OR php7-sysvsem-7.2.5-2 is installed OR php7-sysvshm-7.2.5-2 is installed OR php7-tokenizer-7.2.5-2 is installed OR php7-wddx-7.2.5-2 is installed OR php7-xmlreader-7.2.5-2 is installed OR php7-xmlrpc-7.2.5-2 is installed OR php7-xmlwriter-7.2.5-2 is installed OR php7-xsl-7.2.5-2 is installed OR php7-zip-7.2.5-2 is installed OR php7-zlib-7.2.5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND davfs2-1.5.2-2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND unzip-6.00-32.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information PackageKit-gstreamer-plugin-1.1.10-2 is installed OR PackageKit-gtk3-module-1.1.10-2 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed AND Package Information kinit-5.20.0-5 is installed OR kinit-devel-5.20.0-5 is installed OR kinit-lang-5.20.0-5 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND gitolite-3.6.9-bp150.3.3 is installed

BACK