OVAL Reference oval:org.opensuse.security:def:50328

Oval Definition:

oval:org.opensuse.security:def:50328

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tiff (Moderate)
Description:	This update for tiff fixes the following issues: Security issue fixed: - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based buffer over-read, as demonstrated by bmp2tiff.(bsc#1092480) - CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108637) - CVE-2018-17101: There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. (bsc#1108627) - CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358) - CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. (bsc#1106853)
Family:	unix	Class:	patch
Status:		Reference(s):	1012382 1050242 1051510 1053043 1054914 1055117 1055186 1056787 1058115 1061840 1063638 1064802 1065600 1065729 1066129 1068546 1071995 1075020 1082387 1082555 1083647 1085535 1092480 1099658 1103992 1104139 1104353 1104427 1104967 1106011 1106284 1106853 1108193 1108627 1108637 1108838 1108937 1109158 1110358 1110946 1111696 1112063 1113722 1114279 1114427 1115688 1117158 1117561 1118139 1119086 1119843 1120091 1120423 1120489 1120566 1120843 1120902 1122776 1123034 1123454 1123663 1123919 1124503 1124839 1126356 1127616 1127988 1128052 1128904 1128979 1129138 1129273 1129497 1129693 1129770 1130579 1130699 1130972 1131304 1131326 1131451 1131488 1131565 1131673 1132044 1132728 1132729 1132732 1133135 1133176 1133188 1133190 1133320 1133512 1133612 1133616 1134160 1134162 1134199 1134200 1134201 1134202 1134203 1134204 1134205 1134354 1134393 1134459 1134460 1134461 1134537 1134597 1134651 1134671 1134760 1134806 1134810 1134813 1134848 1134936 1135006 1135007 1135008 1135056 1135100 1135120 1135278 1135281 1135309 1135312 1135314 1135315 1135316 1135320 1135323 1135330 1135492 1135542 1135556 1135603 1135642 1135661 1135758 1136206 1136424 1136428 1136430 1136432 1136434 1136435 1136438 1136439 1136446 1136477 1136478 1136573 1136586 1136881 1136935 1136990 1137069 1137151 1137152 1137153 1137162 1137372 1137444 1137586 1137597 1137739 1137752 1137865 1137959 1139924 1140155 1140683 1140709 1140747 1141013 1142076 1142635 1144902 1145095 1146042 1146360 1146519 1146540 1146664 1148133 1148539 1148712 1148868 1149313 1149446 1149555 1149651 1150381 1150423 1151350 1151610 1151667 1151680 1151793 1151891 1151955 1152024 1152025 1152026 1152143 1152161 1152325 1152457 1152460 1152466 1152972 1152974 1152975 1153163 1153164 1154289 1154598 1158440 1172538 1174543 1174748 1175520 1176400 1176946 1177027 1177340 1177511 1177685 1177724 1177725 CVE-2017-18595 CVE-2018-10779 CVE-2018-15173 CVE-2018-16335 CVE-2018-17100 CVE-2018-17101 CVE-2018-17795 CVE-2018-20217 CVE-2018-3639 CVE-2018-7191 CVE-2019-0199 CVE-2019-10124 CVE-2019-10218 CVE-2019-11041 CVE-2019-11042 CVE-2019-11085 CVE-2019-11477 CVE-2019-11477 CVE-2019-11478 CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11487 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-12838 CVE-2019-14821 CVE-2019-14833 CVE-2019-14847 CVE-2019-15291 CVE-2019-17177 CVE-2019-17178 CVE-2019-19316 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-3846 CVE-2019-3846 CVE-2019-5489 CVE-2019-9506 CVE-2020-12351 CVE-2020-12352 CVE-2020-25645 SUSE-SU-2018:3327-1 SUSE-SU-2019:1211-1 SUSE-SU-2019:1290-1 SUSE-SU-2019:1535-1 SUSE-SU-2019:1825-1 SUSE-SU-2019:2229-1 SUSE-SU-2019:2503-1 SUSE-SU-2019:2706-1 SUSE-SU-2019:2866-1 SUSE-SU-2019:3078-1 SUSE-SU-2019:3087-1 SUSE-SU-2020:0320-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information cups-1.3.9-8.46.48 is installed OR cups-client-1.3.9-8.46.48 is installed OR cups-libs-1.3.9-8.46.48 is installed OR cups-libs-32bit-1.3.9-8.46.48 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information curl-7.19.7-1.38 is installed OR libcurl4-7.19.7-1.38 is installed OR libcurl4-32bit-7.19.7-1.38 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information bzip2-1.0.6-27 is installed OR libbz2-1-1.0.6-27 is installed OR libbz2-1-32bit-1.0.6-27 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-filters-1.0.58-8 is installed OR cups-filters-cups-browsed-1.0.58-8 is installed OR cups-filters-foomatic-rip-1.0.58-8 is installed OR cups-filters-ghostscript-1.0.58-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information NetworkManager-1.0.12-12 is installed OR NetworkManager-lang-1.0.12-12 is installed OR libnm-glib-vpn1-1.0.12-12 is installed OR libnm-glib4-1.0.12-12 is installed OR libnm-util2-1.0.12-12 is installed OR libnm0-1.0.12-12 is installed OR typelib-1_0-NM-1_0-1.0.12-12 is installed OR typelib-1_0-NMClient-1_0-1.0.12-12 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-3.19 is installed OR java-1_8_0-openjdk-javadoc-1.8.0.212-3.19 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libtiff-devel-4.0.9-5.14 is installed OR libtiff5-4.0.9-5.14 is installed OR tiff-4.0.9-5.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed AND Package Information libpmi0-18.08.8-3.4 is installed OR libslurm33-18.08.8-3.4 is installed OR perl-Switch-2.17-3.2 is installed OR perl-slurm-18.08.8-3.4 is installed OR slurm-18.08.8-3.4 is installed OR slurm-auth-none-18.08.8-3.4 is installed OR slurm-config-18.08.8-3.4 is installed OR slurm-config-man-18.08.8-3.4 is installed OR slurm-devel-18.08.8-3.4 is installed OR slurm-doc-18.08.8-3.4 is installed OR slurm-lua-18.08.8-3.4 is installed OR slurm-munge-18.08.8-3.4 is installed OR slurm-node-18.08.8-3.4 is installed OR slurm-pam_slurm-18.08.8-3.4 is installed OR slurm-plugins-18.08.8-3.4 is installed OR slurm-slurmdbd-18.08.8-3.4 is installed OR slurm-sql-18.08.8-3.4 is installed OR slurm-sview-18.08.8-3.4 is installed OR slurm-torque-18.08.8-3.4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_28-default-4-2 is installed OR kernel-livepatch-SLE15_Update_8-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information tomcat-9.0.21-3.27 is installed OR tomcat-docs-webapp-9.0.21-3.27 is installed OR tomcat-embed-9.0.21-3.27 is installed OR tomcat-javadoc-9.0.21-3.27 is installed OR tomcat-jsvc-9.0.21-3.27 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information cluster-md-kmp-azure-4.12.14-5.30 is installed OR dlm-kmp-azure-4.12.14-5.30 is installed OR gfs2-kmp-azure-4.12.14-5.30 is installed OR kernel-azure-4.12.14-5.30 is installed OR kernel-azure-base-4.12.14-5.30 is installed OR kernel-azure-devel-4.12.14-5.30 is installed OR kernel-azure-extra-4.12.14-5.30 is installed OR kernel-azure-livepatch-4.12.14-5.30 is installed OR kernel-devel-azure-4.12.14-5.30 is installed OR kernel-source-azure-4.12.14-5.30 is installed OR kernel-syms-azure-4.12.14-5.30 is installed OR kselftests-kmp-azure-4.12.14-5.30 is installed OR ocfs2-kmp-azure-4.12.14-5.30 is installed OR reiserfs-kmp-azure-4.12.14-5.30 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information dfu-tool-1.2.11-5.2 is installed OR fwupd-1.2.11-5.2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND terraform-0.12.19-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information libsamba-policy0-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-ad-dc-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-dsdb-modules-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-libs-python-4.9.5+git.210.ab0549acb05-3.14 is installed OR samba-python-4.9.5+git.210.ab0549acb05-3.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information dovecot23-2.3.3-8 is installed OR dovecot23-backend-mysql-2.3.3-8 is installed OR dovecot23-backend-pgsql-2.3.3-8 is installed OR dovecot23-backend-sqlite-2.3.3-8 is installed OR dovecot23-devel-2.3.3-8 is installed OR dovecot23-fts-2.3.3-8 is installed OR dovecot23-fts-lucene-2.3.3-8 is installed OR dovecot23-fts-solr-2.3.3-8 is installed OR dovecot23-fts-squat-2.3.3-8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.17.0-3.28 is installed OR nodejs8-devel-8.17.0-3.28 is installed OR nodejs8-docs-8.17.0-3.28 is installed OR npm8-8.17.0-3.28 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs8-8.17.0-3.28 is installed OR nodejs8-devel-8.17.0-3.28 is installed OR nodejs8-docs-8.17.0-3.28 is installed OR npm8-8.17.0-3.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information guestfs-data-1.26.10-4 is installed OR guestfs-tools-1.26.10-4 is installed OR guestfsd-1.26.10-4 is installed OR libguestfs0-1.26.10-4 is installed OR perl-Sys-Guestfs-1.26.10-4 is installed OR python-libguestfs-1.26.10-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libspice-server1-0.12.5-10 is installed OR spice-0.12.5-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR gcc48-locale-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information perl-5.18.2-12.14 is installed OR perl-32bit-5.18.2-12.14 is installed OR perl-base-5.18.2-12.14 is installed OR perl-doc-5.18.2-12.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND yast2-smt-3.0.14-17.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information augeas-1.2.0-15 is installed OR augeas-lenses-1.2.0-15 is installed OR libaugeas0-1.2.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND gdb-8.3.1-2.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND tcpdump-4.9.2-14.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information gmp-6.1.2-4.3 is installed OR gmp-devel-6.1.2-4.3 is installed OR gmp-devel-32bit-6.1.2-4.3 is installed OR gnutls-3.6.7-6.14 is installed OR libgmp10-6.1.2-4.3 is installed OR libgmp10-32bit-6.1.2-4.3 is installed OR libgmpxx4-6.1.2-4.3 is installed OR libgmpxx4-32bit-6.1.2-4.3 is installed OR libgnutls-devel-3.6.7-6.14 is installed OR libgnutls30-3.6.7-6.14 is installed OR libgnutls30-32bit-3.6.7-6.14 is installed OR libgnutls30-hmac-3.6.7-6.14 is installed OR libgnutls30-hmac-32bit-3.6.7-6.14 is installed OR libgnutlsxx-devel-3.6.7-6.14 is installed OR libgnutlsxx28-3.6.7-6.14 is installed OR libhogweed4-3.4.1-4.12 is installed OR libhogweed4-32bit-3.4.1-4.12 is installed OR libnettle-3.4.1-4.12 is installed OR libnettle-devel-3.4.1-4.12 is installed OR libnettle6-3.4.1-4.12 is installed OR libnettle6-32bit-3.4.1-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information tomcat-9.0.35-3.57 is installed OR tomcat-admin-webapps-9.0.35-3.57 is installed OR tomcat-el-3_0-api-9.0.35-3.57 is installed OR tomcat-jsp-2_3-api-9.0.35-3.57 is installed OR tomcat-lib-9.0.35-3.57 is installed OR tomcat-servlet-4_0-api-9.0.35-3.57 is installed OR tomcat-webapps-9.0.35-3.57 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information xorg-x11-server-1.20.3-14.5.5 is installed OR xorg-x11-server-wayland-1.20.3-14.5.5 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information apache2-2.4.16-20.13 is installed OR apache2-doc-2.4.16-20.13 is installed OR apache2-example-pages-2.4.16-20.13 is installed OR apache2-prefork-2.4.16-20.13 is installed OR apache2-utils-2.4.16-20.13 is installed OR apache2-worker-2.4.16-20.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND clamav-0.100.1-33.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed

BACK