Oval Definition:oval:org.opensuse.security:def:1530
Revision Date:2022-02-17Version:1
Title:Security update for tiff (Important)
Description:

This update for tiff fixes the following issues:

- CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031). - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365). - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312). - CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808). - CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809). - CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811). - CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812). - CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).
Family:unixClass:patch
Status:Reference(s):1071031
1096180
1154365
1182808
1182809
1182811
1182812
1190312
1194539
CVE-2011-3616
CVE-2017-14798
CVE-2017-17095
CVE-2018-11439
CVE-2018-11439
CVE-2019-17546
CVE-2020-19131
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2022-22844
SUSE-SU-2019:1374-2
SUSE-SU-2022:0480-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for CAP 15 SP1
SUSE Linux Enterprise Module for Containers 15
SUSE Linux Enterprise Module for Containers 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Package Hub 15 SP3
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND wdiff-1.2.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-38.4.0esr-51 is installed
  • OR MozillaFirefox-translations-38.4.0esr-51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.4.0esr-81 is installed
  • OR MozillaFirefox-translations-45.4.0esr-81 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND Package Information
  • conky-1.11.5-1.20 is installed
  • OR conky-doc-1.11.5-1.20 is installed
  • OR vim-plugin-conky-1.11.5-1.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libtag1-1.11.1-4.3 is installed
  • OR taglib-1.11.1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for CAP 15 SP1 is installed
  • AND cf-cli-6.43.0-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 is installed
  • AND Package Information
  • docker-18.09.6_ce-6.20 is installed
  • OR docker-bash-completion-18.09.6_ce-6.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 SP1 is installed
  • AND Package Information
  • docker-18.09.6_ce-6.20 is installed
  • OR docker-bash-completion-18.09.6_ce-6.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • cairo-1.15.10-4.5 is installed
  • OR libcairo2-32bit-1.15.10-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • gvim-8.0.1568-5.3 is installed
  • OR vim-8.0.1568-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • git-2.16.4-3.3 is installed
  • OR git-arch-2.16.4-3.3 is installed
  • OR git-cvs-2.16.4-3.3 is installed
  • OR git-daemon-2.16.4-3.3 is installed
  • OR git-doc-2.16.4-3.3 is installed
  • OR git-email-2.16.4-3.3 is installed
  • OR git-gui-2.16.4-3.3 is installed
  • OR git-svn-2.16.4-3.3 is installed
  • OR git-web-2.16.4-3.3 is installed
  • OR gitk-2.16.4-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.12 is installed
  • OR ffmpeg-private-devel-3.4.2-4.12 is installed
  • OR libavdevice-devel-3.4.2-4.12 is installed
  • OR libavdevice57-3.4.2-4.12 is installed
  • OR libavfilter-devel-3.4.2-4.12 is installed
  • OR libavfilter6-3.4.2-4.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Package Hub 15 SP3 is installed
  • AND Package Information
  • libtiff5-32bit-4.0.9-45.5.1 is installed
  • OR tiff-4.0.9-45.5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • postgresql-contrib-10-6 is installed
  • OR postgresql-devel-10-6 is installed
  • OR postgresql-docs-10-6 is installed
  • OR postgresql-plperl-10-6 is installed
  • OR postgresql-plpython-10-6 is installed
  • OR postgresql-pltcl-10-6 is installed
  • OR postgresql-server-10-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • graphviz-addons-2.40.1-6.3 is installed
  • OR graphviz-tcl-2.40.1-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND libevent-2_0-5-2.0.21-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libupsclient1-2.7.1-4.84 is installed
  • OR nut-2.7.1-4.84 is installed
  • OR nut-drivers-net-2.7.1-4.84 is installed
    • BACK