OVAL Reference oval:org.opensuse.security:def:2833

Oval Definition:

oval:org.opensuse.security:def:2833

Revision Date:	2020-12-02	Version:	1
Title:	Security update for libexif (Moderate)
Description:	This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105). - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116). Non-security issues fixed: - libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1055857 1059893 1071995 1082318 1088047 1098633 1103990 1103991 1103992 1106383 1109837 1111666 1112374 1114685 1115015 1115022 1115025 1119113 1119532 1120423 1120943 1125703 1128828 1128902 1130836 1131645 1132390 1133401 1133738 1134303 1134395 1135556 1135642 1135897 1136161 1136264 1136343 1136935 1137625 1137728 1137825 1137835 1138872 1138879 1139712 1139751 1139771 1139865 1140133 1140228 1140328 1140405 1140424 1140428 1140454 1140463 1140575 1140577 1140637 1140658 1140715 1140719 1140726 1140727 1140728 1140814 1140887 1140888 1140889 1140891 1140893 1140948 1140954 1140955 1140956 1140957 1140958 1140959 1140960 1140961 1140962 1140964 1140971 1140972 1140992 1141853 1142614 1145092 1145575 1145579 1145580 1145582 1145738 1145739 1145740 1145741 1145742 1148931 1153674 1155419 1160770 1171475 1171847 1172105 1172116 1172121 CVE-2016-6328 CVE-2017-7544 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2018-20030 CVE-2018-20836 CVE-2018-20852 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-10126 CVE-2019-10208 CVE-2019-10638 CVE-2019-10639 CVE-2019-11599 CVE-2019-11708 CVE-2019-12387 CVE-2019-12779 CVE-2019-13233 CVE-2019-14287 CVE-2019-15681 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-9278 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2019-9517 CVE-2019-9893 CVE-2020-0093 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 SUSE-SU-2019:1682-1 SUSE-SU-2019:1731-1 SUSE-SU-2019:1812-1 SUSE-SU-2019:1854-1 SUSE-SU-2019:2114-1 SUSE-SU-2019:2237-1 SUSE-SU-2019:2309-1 SUSE-SU-2019:2428-1 SUSE-SU-2019:2517-1 SUSE-SU-2019:2656-1 SUSE-SU-2019:2707-1 SUSE-SU-2020:1553-1 SUSE-SU-2020:2009-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SP1	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information colord-1.1.7-2 is installed OR colord-gtk-lang-0.1.25-3 is installed OR colord-lang-1.1.7-2 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-2 is installed OR libcolord2-32bit-1.1.7-2 is installed OR libcolorhug2-1.1.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-45.7.0esr-99 is installed OR MozillaFirefox-translations-45.7.0esr-99 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND haproxy-1.6.11-10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information graphviz-addons-2.40.1-6.3 is installed OR graphviz-gnome-2.40.1-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information python-SQLAlchemy-1.2.14-6.3 is installed OR python2-SQLAlchemy-1.2.14-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libexif-0.6.22-5.6 is installed OR libexif-devel-0.6.22-5.6 is installed OR libexif12-0.6.22-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 12 is installed AND Package Information libslurm29-16.05.8.1-5 is installed OR perl-slurm-16.05.8.1-5 is installed OR slurm-16.05.8.1-5 is installed OR slurm-auth-none-16.05.8.1-5 is installed OR slurm-devel-16.05.8.1-5 is installed OR slurm-doc-16.05.8.1-5 is installed OR slurm-lua-16.05.8.1-5 is installed OR slurm-munge-16.05.8.1-5 is installed OR slurm-pam_slurm-16.05.8.1-5 is installed OR slurm-plugins-16.05.8.1-5 is installed OR slurm-sched-wiki-16.05.8.1-5 is installed OR slurm-slurmdbd-16.05.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.35-3.20 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-3.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.3 is installed OR kernel-default-livepatch-4.12.14-25.3 is installed OR kernel-livepatch-4_12_14-25_3-default-1-1.3 is installed OR kernel-livepatch-SLE15_Update_1-1-1.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-195-default-2-4 is installed OR kernel-livepatch-SLE15-SP1_Update_0-2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information MozillaFirefox-60.7.2-3.48 is installed OR MozillaFirefox-branding-upstream-60.7.2-3.48 is installed OR MozillaFirefox-buildsymbols-60.7.2-3.48 is installed OR MozillaFirefox-devel-60.7.2-3.48 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information curl-7.66.0-4.3 is installed OR curl-mini-7.66.0-4.3 is installed OR libcurl-devel-32bit-7.66.0-4.3 is installed OR libcurl-mini-devel-7.66.0-4.3 is installed OR libcurl4-mini-7.66.0-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.8 is installed OR kernel-azure-base-4.12.14-5.8 is installed OR kernel-azure-devel-4.12.14-5.8 is installed OR kernel-devel-azure-4.12.14-5.8 is installed OR kernel-source-azure-4.12.14-5.8 is installed OR kernel-syms-azure-4.12.14-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.22 is installed OR kernel-azure-base-4.12.14-8.22 is installed OR kernel-azure-devel-4.12.14-8.22 is installed OR kernel-devel-azure-4.12.14-8.22 is installed OR kernel-source-azure-4.12.14-8.22 is installed OR kernel-syms-azure-4.12.14-8.22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-libxml2-python-2.9.7-3.12 is installed OR python2-libxml2-python-2.9.7-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.8 is installed OR dlm-kmp-rt-4.12.14-14.8 is installed OR gfs2-kmp-rt-4.12.14-14.8 is installed OR kernel-devel-rt-4.12.14-14.8 is installed OR kernel-rt-4.12.14-14.8 is installed OR kernel-rt-base-4.12.14-14.8 is installed OR kernel-rt-devel-4.12.14-14.8 is installed OR kernel-rt_debug-4.12.14-14.8 is installed OR kernel-rt_debug-devel-4.12.14-14.8 is installed OR kernel-source-rt-4.12.14-14.8 is installed OR kernel-syms-rt-4.12.14-14.8 is installed OR ocfs2-kmp-rt-4.12.14-14.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openssh-7.6p1-9.3 is installed OR openssh-fips-7.6p1-9.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information subversion-1.10.6-3.6 is installed OR subversion-server-1.10.6-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9 is installed OR gcc5-5.3.1+r233831-9 is installed OR gcc5-c++-5.3.1+r233831-9 is installed OR gcc5-fortran-5.3.1+r233831-9 is installed OR gcc5-info-5.3.1+r233831-9 is installed OR gcc5-locale-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-4 is installed OR php5-5.5.14-4 is installed OR php5-bcmath-5.5.14-4 is installed OR php5-bz2-5.5.14-4 is installed OR php5-calendar-5.5.14-4 is installed OR php5-ctype-5.5.14-4 is installed OR php5-curl-5.5.14-4 is installed OR php5-dba-5.5.14-4 is installed OR php5-dom-5.5.14-4 is installed OR php5-enchant-5.5.14-4 is installed OR php5-exif-5.5.14-4 is installed OR php5-fastcgi-5.5.14-4 is installed OR php5-fileinfo-5.5.14-4 is installed OR php5-fpm-5.5.14-4 is installed OR php5-ftp-5.5.14-4 is installed OR php5-gd-5.5.14-4 is installed OR php5-gettext-5.5.14-4 is installed OR php5-gmp-5.5.14-4 is installed OR php5-iconv-5.5.14-4 is installed OR php5-intl-5.5.14-4 is installed OR php5-json-5.5.14-4 is installed OR php5-ldap-5.5.14-4 is installed OR php5-mbstring-5.5.14-4 is installed OR php5-mcrypt-5.5.14-4 is installed OR php5-mysql-5.5.14-4 is installed OR php5-odbc-5.5.14-4 is installed OR php5-openssl-5.5.14-4 is installed OR php5-pcntl-5.5.14-4 is installed OR php5-pdo-5.5.14-4 is installed OR php5-pear-5.5.14-4 is installed OR php5-pgsql-5.5.14-4 is installed OR php5-pspell-5.5.14-4 is installed OR php5-shmop-5.5.14-4 is installed OR php5-snmp-5.5.14-4 is installed OR php5-soap-5.5.14-4 is installed OR php5-sockets-5.5.14-4 is installed OR php5-sqlite-5.5.14-4 is installed OR php5-suhosin-5.5.14-4 is installed OR php5-sysvmsg-5.5.14-4 is installed OR php5-sysvsem-5.5.14-4 is installed OR php5-sysvshm-5.5.14-4 is installed OR php5-tokenizer-5.5.14-4 is installed OR php5-wddx-5.5.14-4 is installed OR php5-xmlreader-5.5.14-4 is installed OR php5-xmlrpc-5.5.14-4 is installed OR php5-xmlwriter-5.5.14-4 is installed OR php5-xsl-5.5.14-4 is installed OR php5-zip-5.5.14-4 is installed OR php5-zlib-5.5.14-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs10-10.16.0-1.9 is installed OR nodejs10-devel-10.16.0-1.9 is installed OR nodejs10-docs-10.16.0-1.9 is installed OR npm10-10.16.0-1.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information accountsservice-0.6.35-1 is installed OR accountsservice-lang-0.6.35-1 is installed OR libaccountsservice0-0.6.35-1 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information glibc-2.19-22.16.2 is installed OR glibc-devel-static-2.19-22.16.2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information avahi-compat-howl-devel-0.6.31-20 is installed OR avahi-compat-mDNSResponder-devel-0.6.31-20 is installed OR libavahi-devel-0.6.31-20 is installed OR libhowl0-0.6.31-20 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information nut-cgi-2.7.1-4.84 is installed OR nut-devel-2.7.1-4.84 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.21 is installed OR kernel-default-extra-4.12.14-197.21 is installed

BACK