Oval Definition:	oval:org.opensuse.security:def:2853
Revision Date: 2020-12-02 Version: 1 Title: Security update for jasper (Moderate) Description: This update for jasper fixes the following issues: - CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979). - CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980). - CVE-2017-5499: Validate component depth bit (bsc#1020451). - CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456). - CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458). - CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460). - CVE-2017-14132: Fix heap base overflow in by checking components (bsc#1057152). - CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize (bsc#1088278). - CVE-2018-18873: Fix null pointer deref in ras_putdatastd (bsc#1114498). - CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms (bsc#1115637). - CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup (bsc#1117328). - CVE-2018-20570: Fix heap based buffer over-read in jp2_encode (bsc#1120807). - CVE-2018-20622: Fix memory leak in jas_malloc.c (bsc#1120805). Family: unix Class: patch Status: Reference(s): 1010979 1010980 1020451 1020456 1020458 1020460 1045450 1047962 1049826 1053177 1057152 1065022 1088278 1099019 1102261 1110542 1111319 1111966 1112911 1113296 1114498 1114908 1115341 1115637 1116840 1117328 1118758 1119373 1119820 1119873 1120263 1120463 1120629 1120630 1120631 1120805 1120807 1121611 1122062 1122471 1123137 1123681 1123843 1123865 1123967 1124897 1125415 1127026 1127155 1127220 1130161 1131055 1131823 1135749 1136085 1137977 1138459 1138939 1141689 1148931 1149121 1149203 1149495 1149496 1149792 1149955 1151490 1152082 1153165 1153238 1153332 1154217 1154402 1177895 663358 764147 965786 978193 993025 CVE-2016-9398 CVE-2016-9399 CVE-2017-14132 CVE-2017-5499 CVE-2017-5503 CVE-2017-5504 CVE-2017-5505 CVE-2017-9782 CVE-2018-16301 CVE-2018-18873 CVE-2018-19139 CVE-2018-19543 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-20570 CVE-2018-20622 CVE-2018-9252 CVE-2019-0199 CVE-2019-0221 CVE-2019-10160 CVE-2019-12904 CVE-2019-14853 CVE-2019-14859 CVE-2019-15165 CVE-2019-16056 CVE-2019-16276 CVE-2019-16935 CVE-2019-17596 CVE-2019-5481 CVE-2019-5482 CVE-2019-6446 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2020-27153 SUSE-SU-2019:1895-1 SUSE-SU-2019:1971-1 SUSE-SU-2019:2030-1 SUSE-SU-2019:2064-1 SUSE-SU-2019:2373-1 SUSE-SU-2019:2428-1 SUSE-SU-2019:2462-2 SUSE-SU-2019:2673-1 SUSE-SU-2019:2802-1 SUSE-SU-2019:2891-1 SUSE-SU-2019:2940-1 SUSE-SU-2020:2689-1 SUSE-SU-2020:3165-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability Extension 11 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for High Performance Computing 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-6.8.8.1-5 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-5 is installed OR libMagickWand-6_Q16-1-6.8.8.1-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libvmtools0-10.1.0-8 is installed OR open-vm-tools-10.1.0-8 is installed OR open-vm-tools-desktop-10.1.0-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND python-requests-2.11.1-6.28 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.3 is installed OR dlm-kmp-default-4.12.14-25.3 is installed OR gfs2-kmp-default-4.12.14-25.3 is installed OR kernel-default-4.12.14-25.3 is installed OR ocfs2-kmp-default-4.12.14-25.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information libxmlsec1-gcrypt1-1.2.26-3.3 is installed OR libxmlsec1-gnutls1-1.2.26-3.3 is installed OR libxmlsec1-openssl1-1.2.26-3.3 is installed OR xmlsec1-1.2.26-3.3 is installed OR xmlsec1-gnutls-devel-1.2.26-3.3 is installed OR xmlsec1-openssl-devel-1.2.26-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information python-Werkzeug-0.14.1-6.3 is installed OR python2-Werkzeug-0.14.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND python-PyYAML-3.10-15 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information jasper-2.0.14-3.16 is installed OR libjasper-devel-2.0.14-3.16 is installed Definition Synopsis SUSE Linux Enterprise Module for High Performance Computing 15 is installed AND Package Information python-numpy_1_14_0-gnu-hpc-1.14.0-4.5 is installed OR python2-numpy-gnu-hpc-1.14.0-4.5 is installed OR python2-numpy-gnu-hpc-devel-1.14.0-4.5 is installed OR python2-numpy_1_14_0-gnu-hpc-1.14.0-4.5 is installed OR python2-numpy_1_14_0-gnu-hpc-devel-1.14.0-4.5 is installed OR python3-numpy-gnu-hpc-1.14.0-4.5 is installed OR python3-numpy-gnu-hpc-devel-1.14.0-4.5 is installed OR python3-numpy_1_14_0-gnu-hpc-1.14.0-4.5 is installed OR python3-numpy_1_14_0-gnu-hpc-devel-1.14.0-4.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND syslog-ng-3.4.5-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-150.14 is installed OR reiserfs-kmp-default-4.12.14-150.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.21 is installed OR reiserfs-kmp-default-4.12.14-197.21 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-2-2 is installed OR kernel-livepatch-SLE15_Update_1-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.7 is installed OR kernel-default-livepatch-4.12.14-197.7 is installed OR kernel-default-livepatch-devel-4.12.14-197.7 is installed OR kernel-livepatch-4_12_14-197_7-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_2-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information tomcat-9.0.21-4.5 is installed OR tomcat-docs-webapp-9.0.21-4.5 is installed OR tomcat-embed-9.0.21-4.5 is installed OR tomcat-javadoc-9.0.21-4.5 is installed OR tomcat-jsvc-9.0.21-4.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.13 is installed OR kernel-azure-base-4.12.14-5.13 is installed OR kernel-azure-devel-4.12.14-5.13 is installed OR kernel-devel-azure-4.12.14-5.13 is installed OR kernel-source-azure-4.12.14-5.13 is installed OR kernel-syms-azure-4.12.14-5.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.19 is installed OR kernel-azure-base-4.12.14-8.19 is installed OR kernel-azure-devel-4.12.14-8.19 is installed OR kernel-devel-azure-4.12.14-8.19 is installed OR kernel-source-azure-4.12.14-8.19 is installed OR kernel-syms-azure-4.12.14-8.19 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information python-urllib3-1.24-9.4 is installed OR python2-urllib3-1.24-9.4 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information rsyslog-8.33.1-3.3 is installed OR rsyslog-module-gssapi-8.33.1-3.3 is installed OR rsyslog-module-mysql-8.33.1-3.3 is installed OR rsyslog-module-pgsql-8.33.1-3.3 is installed OR rsyslog-module-relp-8.33.1-3.3 is installed OR rsyslog-module-snmp-8.33.1-3.3 is installed OR rsyslog-module-udpspoof-8.33.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information 389-ds-1.4.0.26~git0.8a2d3de6f-4.14 is installed OR 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND apache2-mod_wsgi-4.4.13-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.15.0-3.11 is installed OR nodejs8-devel-8.15.0-3.11 is installed OR nodejs8-docs-8.15.0-3.11 is installed OR npm8-8.15.0-3.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information postgresql93-devel-9.3.11-14.1 is installed OR postgresql93-libs-9.3.11-14.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND flac-devel-1.3.0-6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND ruby2.1-devel-2.1.2-12.3 is installed
BACK