Oval Definition:oval:org.opensuse.security:def:50554
Revision Date:2020-12-01Version:1
Title:Security update for netpbm (Moderate)
Description:

This update for netpbm fixes the following issues:

- CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file (bsc#1086777).
Family:unixClass:patch
Status:Reference(s):1012382
1043912
1044189
1046302
1046306
1046307
1046543
1050244
1051510
1054914
1055014
1055117
1058659
1060463
1064232
1065600
1065729
1068032
1069138
1071995
1076530
1077761
1077989
1078720
1080157
1082555
1083647
1083663
1084332
1085042
1085262
1086282
1086777
1089663
1090528
1092903
1093389
1094244
1095344
1096368
1096748
1097105
1098459
1098822
1099922
1099999
1100000
1100001
1100132
1101557
1101669
1102346
1102870
1102875
1102877
1102879
1102882
1102896
1103363
1103387
1103421
1103948
1103949
1103961
1104129
1104172
1104353
1104824
1105247
1105524
1105536
1105597
1105603
1105606
1105672
1105907
1106007
1106016
1106105
1106121
1106170
1106178
1106191
1106229
1106230
1106231
1106233
1106235
1106236
1106237
1106238
1106240
1106291
1106297
1106333
1106369
1106426
1106427
1106464
1106509
1106511
1106594
1106636
1106688
1106697
1106699
1106743
1106779
1106800
1106890
1106891
1106892
1106893
1106894
1106896
1106897
1106898
1106899
1106900
1106901
1106902
1106903
1106905
1106906
1106948
1106995
1107008
1107060
1107061
1107065
1107073
1107074
1107078
1107265
1107319
1107320
1107522
1107535
1107689
1107735
1107756
1107870
1107924
1107945
1107966
1108010
1108093
1108243
1108520
1108870
1109269
1109511
1114837
1117507
1117508
1126068
1126069
1133185
1134598
1140750
1145575
1145738
1145739
1145740
1145741
1145742
1157651
1159478
1159479
1159482
1159486
1168994
1171746
1172140
1172356
1172437
1173786
1173812
1174463
1174543
1174570
1176590
1177351
1177352
920344
CVE-2012-5784
CVE-2014-3596
CVE-2017-15134
CVE-2017-15135
CVE-2018-1000199
CVE-2018-10850
CVE-2018-10935
CVE-2018-10938
CVE-2018-10940
CVE-2018-1128
CVE-2018-1129
CVE-2018-12896
CVE-2018-13093
CVE-2018-13094
CVE-2018-13095
CVE-2018-14613
CVE-2018-14617
CVE-2018-14624
CVE-2018-16658
CVE-2018-16850
CVE-2018-19540
CVE-2018-19541
CVE-2018-5740
CVE-2018-5743
CVE-2018-5745
CVE-2018-6554
CVE-2018-6555
CVE-2018-8975
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10097
CVE-2019-10098
CVE-2019-13314
CVE-2019-15666
CVE-2019-18388
CVE-2019-18389
CVE-2019-18390
CVE-2019-18391
CVE-2019-18898
CVE-2019-6465
CVE-2019-9517
CVE-2020-10713
CVE-2020-10757
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-14374
CVE-2020-14375
CVE-2020-14376
CVE-2020-14377
CVE-2020-14378
CVE-2020-15706
CVE-2020-15707
CVE-2020-7069
CVE-2020-7070
SUSE-SU-2018:2981-1
SUSE-SU-2018:3942-1
SUSE-SU-2019:0855-1
SUSE-SU-2019:1207-1
SUSE-SU-2019:1373-2
SUSE-SU-2019:1407-1
SUSE-SU-2019:2237-1
SUSE-SU-2019:2512-1
SUSE-SU-2019:3349-1
SUSE-SU-2020:0017-1
SUSE-SU-2020:2074-1
SUSE-SU-2020:2160-1
SUSE-SU-2020:3045-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • librsvg-2.26.0-2.5 is installed
  • OR librsvg-32bit-2.26.0-2.5 is installed
  • OR rsvg-view-2.26.0-2.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • MozillaFirefox-38.6.1esr-34 is installed
  • OR MozillaFirefox-translations-38.6.1esr-34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • ecryptfs-utils-103-5 is installed
  • OR ecryptfs-utils-32bit-103-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • avahi-0.6.31-20 is installed
  • OR avahi-lang-0.6.31-20 is installed
  • OR libavahi-client3-0.6.31-20 is installed
  • OR libavahi-client3-32bit-0.6.31-20 is installed
  • OR libavahi-common3-0.6.31-20 is installed
  • OR libavahi-common3-32bit-0.6.31-20 is installed
  • OR libavahi-core7-0.6.31-20 is installed
  • OR libdns_sd-0.6.31-20 is installed
  • OR libdns_sd-32bit-0.6.31-20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ibus-chewing-1.4.14-4 is installed
  • OR ibus-pinyin-1.5.0-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-38.8 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • postgresql10-10.6-4.8 is installed
  • OR postgresql10-test-10.6-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND Package Information
  • libnetpbm11-10.80.1-3.3 is installed
  • OR netpbm-10.80.1-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • bind-9.11.2-12.11 is installed
  • OR bind-devel-9.11.2-12.11 is installed
  • OR bind-utils-9.11.2-12.11 is installed
  • OR libbind9-160-9.11.2-12.11 is installed
  • OR libdns169-9.11.2-12.11 is installed
  • OR libirs-devel-9.11.2-12.11 is installed
  • OR libirs160-9.11.2-12.11 is installed
  • OR libisc166-9.11.2-12.11 is installed
  • OR libisccc160-9.11.2-12.11 is installed
  • OR libisccfg160-9.11.2-12.11 is installed
  • OR liblwres160-9.11.2-12.11 is installed
  • OR python3-bind-9.11.2-12.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.19 is installed
  • OR kernel-default-livepatch-4.12.14-25.19 is installed
  • OR kernel-livepatch-4_12_14-25_19-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_5-1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • axis-1.4-5.8 is installed
  • OR axis-manual-1.4-5.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • php7-7.2.5-4.67 is installed
  • OR php7-pear-Archive_Tar-7.2.5-4.67 is installed
  • OR php7-wddx-7.2.5-4.67 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • 389-ds-1.4.0.3-4.7 is installed
  • OR 389-ds-devel-1.4.0.3-4.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • python3-virt-bootstrap-1.0.0-5.3 is installed
  • OR virt-bootstrap-1.0.0-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • grub2-2.04-9.7 is installed
  • OR grub2-x86_64-xen-2.04-9.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_67-60_64_24-default-6-3 is installed
  • OR kgraft-patch-3_12_67-60_64_24-xen-6-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_11-6-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND apache-commons-httpclient-3.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • openslp-2.0.0-18.17 is installed
  • OR openslp-32bit-2.0.0-18.17 is installed
  • OR openslp-server-2.0.0-18.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • curl-7.37.0-36 is installed
  • OR libcurl4-7.37.0-36 is installed
  • OR libcurl4-32bit-7.37.0-36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-30.60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • MozillaFirefox-60.6.1esr-109.63 is installed
  • OR MozillaFirefox-translations-common-60.6.1esr-109.63 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • java-11-openjdk-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-demo-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-devel-11.0.8.0-3.45 is installed
  • OR java-11-openjdk-headless-11.0.8.0-3.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • dovecot23-2.3.10-4.27 is installed
  • OR dovecot23-backend-mysql-2.3.10-4.27 is installed
  • OR dovecot23-backend-pgsql-2.3.10-4.27 is installed
  • OR dovecot23-backend-sqlite-2.3.10-4.27 is installed
  • OR dovecot23-devel-2.3.10-4.27 is installed
  • OR dovecot23-fts-2.3.10-4.27 is installed
  • OR dovecot23-fts-lucene-2.3.10-4.27 is installed
  • OR dovecot23-fts-solr-2.3.10-4.27 is installed
  • OR dovecot23-fts-squat-2.3.10-4.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.45 is installed
  • OR kernel-default-extra-4.12.14-197.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • MozillaThunderbird-68.12.0-3.94 is installed
  • OR MozillaThunderbird-translations-common-68.12.0-3.94 is installed
  • OR MozillaThunderbird-translations-other-68.12.0-3.94 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-nova-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-api-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-cells-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-cert-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-compute-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-conductor-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-console-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-consoleauth-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-novncproxy-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-objectstore-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-scheduler-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-serialproxy-12.0.2~a0~dev18-1 is installed
  • OR openstack-nova-vncproxy-12.0.2~a0~dev18-1 is installed
  • OR python-nova-12.0.2~a0~dev18-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • BACK