Oval Definition:oval:org.opensuse.security:def:51104
Revision Date:2020-12-01Version:1
Title:Security update for tiff (Moderate)
Description:

This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257). - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672). - CVE-2018-18557: Fixed JBIG decode can lead to out-of-bounds write (bsc#1113094).

Non-security issues fixed:

- asan_build: build ASAN included - debug_build: build more suitable for debugging
Family:unixClass:patch
Status:Reference(s):1012382
1037697
1046299
1046300
1046302
1046303
1046305
1046306
1046307
1046533
1046543
1048942
1050242
1050536
1050538
1050540
1051510
1054245
1056651
1056787
1058169
1058659
1060463
1065600
1068032
1071995
1075087
1075360
1077338
1077761
1077989
1078248
1082635
1083647
1085042
1085536
1085539
1086301
1086313
1086314
1086324
1086457
1087092
1087202
1087217
1087233
1089644
1090098
1090888
1091041
1091171
1093148
1093666
1094119
1096330
1097583
1097584
1097585
1097586
1097587
1097588
1098633
1099193
1099257
1100132
1100884
1101143
1101337
1101352
1101564
1101669
1101674
1101789
1101813
1101816
1102088
1102097
1102147
1102340
1102512
1102851
1103216
1103220
1103230
1103421
1104427
1104841
1108043
1113094
1113672
1113722
1114279
1115026
1117169
1120853
1120999
1127371
1129528
1131107
1131233
1131237
1131239
1131241
1131245
1132091
1136446
1137597
1137990
1138039
1140747
1140948
1142095
1143706
1143959
1144333
1146519
1146544
1149429
1149448
1150466
1151186
1151548
1151900
1152631
1152782
1153423
1153628
1153681
1153811
1153869
1154043
1154058
1154124
1154355
1154526
1154738
1154956
1155021
1155331
1155334
1155689
1155692
1155836
1155897
1155921
1156187
1156258
1156259
1156429
1156462
1156466
1156471
1156494
1156609
1156700
1156729
1156882
1157038
1157042
1157070
1157143
1157145
1157158
1157162
1157169
1157171
1157173
1157178
1157180
1157182
1157183
1157184
1157191
1157193
1157197
1157298
1157303
1157307
1157324
1157333
1157424
1157463
1157499
1157678
1157698
1157778
1157853
1157908
1158049
1158063
1158064
1158065
1158066
1158067
1158068
1158082
1158094
1158132
1158381
1158394
1158398
1158407
1158410
1158413
1158417
1158427
1158445
1158533
1158637
1158638
1158639
1158640
1158641
1158643
1158644
1158645
1158646
1158647
1158649
1158651
1158652
1158823
1158824
1158827
1158834
1158893
1158900
1158903
1158904
1158954
1159024
1159297
1159913
1162936
1162937
1163178
1165631
1174154
1174633
1174635
1174638
1176179
1178882
CVE-2008-4989
CVE-2010-2547
CVE-2011-3635
CVE-2011-4128
CVE-2012-0390
CVE-2012-1569
CVE-2012-1573
CVE-2013-4351
CVE-2013-4402
CVE-2014-0092
CVE-2014-1959
CVE-2014-3466
CVE-2014-4617
CVE-2017-18344
CVE-2018-12900
CVE-2018-18557
CVE-2018-18661
CVE-2018-5390
CVE-2019-0196
CVE-2019-0197
CVE-2019-0211
CVE-2019-0217
CVE-2019-0220
CVE-2019-11023
CVE-2019-11477
CVE-2019-11478
CVE-2019-11757
CVE-2019-11758
CVE-2019-11759
CVE-2019-11760
CVE-2019-11761
CVE-2019-11762
CVE-2019-11763
CVE-2019-11764
CVE-2019-14895
CVE-2019-14901
CVE-2019-15213
CVE-2019-15903
CVE-2019-15916
CVE-2019-16231
CVE-2019-17055
CVE-2019-18660
CVE-2019-18683
CVE-2019-18805
CVE-2019-18808
CVE-2019-18809
CVE-2019-19049
CVE-2019-19051
CVE-2019-19052
CVE-2019-19056
CVE-2019-19057
CVE-2019-19058
CVE-2019-19060
CVE-2019-19062
CVE-2019-19063
CVE-2019-19065
CVE-2019-19066
CVE-2019-19067
CVE-2019-19068
CVE-2019-19073
CVE-2019-19074
CVE-2019-19075
CVE-2019-19077
CVE-2019-19227
CVE-2019-19332
CVE-2019-19338
CVE-2019-19523
CVE-2019-19524
CVE-2019-19525
CVE-2019-19526
CVE-2019-19527
CVE-2019-19528
CVE-2019-19529
CVE-2019-19530
CVE-2019-19531
CVE-2019-19532
CVE-2019-19533
CVE-2019-19534
CVE-2019-19535
CVE-2019-19536
CVE-2019-19537
CVE-2019-19543
CVE-2019-19767
CVE-2019-3846
CVE-2019-5108
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-15719
CVE-2020-1749
CVE-2020-24977
CVE-2020-8277
CVE-2020-8631
CVE-2020-8632
SUSE-SU-2018:2223-1
SUSE-SU-2018:3925-1
SUSE-SU-2019:0873-1
SUSE-SU-2019:1267-3
SUSE-SU-2019:2871-1
SUSE-SU-2019:3381-1
SUSE-SU-2020:0585-1
SUSE-SU-2020:2326-1
SUSE-SU-2020:2581-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Workstation Extension 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND libaugeas0-0.9.0-3.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • gnutls-2.4.1-24.39.57 is installed
  • OR libgnutls26-2.4.1-24.39.57 is installed
  • OR libgnutls26-32bit-2.4.1-24.39.57 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • empathy-3.10.3-1 is installed
  • OR empathy-lang-3.10.3-1 is installed
  • OR telepathy-mission-control-plugin-goa-3.10.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • evince-3.10.3-1 is installed
  • OR evince-lang-3.10.3-1 is installed
  • OR libevdocument3-4-3.10.3-1 is installed
  • OR libevview3-3-3.10.3-1 is installed
  • OR typelib-1_0-EvinceDocument-3_0-3.10.3-1 is installed
  • OR typelib-1_0-EvinceView-3_0-3.10.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • at-3.1.14-7 is installed
  • OR libQtWebKit4-4.8.6+2.3.3-3 is installed
  • OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed
  • OR libbonobo-2.32.1-16 is installed
  • OR libbonobo-32bit-2.32.1-16 is installed
  • OR libbonobo-lang-2.32.1-16 is installed
  • OR libkde4-4.12.0-7 is installed
  • OR libkde4-32bit-4.12.0-7 is installed
  • OR libkdecore4-4.12.0-7 is installed
  • OR libkdecore4-32bit-4.12.0-7 is installed
  • OR libksuseinstall1-4.12.0-7 is installed
  • OR libksuseinstall1-32bit-4.12.0-7 is installed
  • OR libnetpbm11-10.66.3-4 is installed
  • OR libnetpbm11-32bit-10.66.3-4 is installed
  • OR netpbm-10.66.3-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • avahi-0.6.32-30 is installed
  • OR avahi-lang-0.6.32-30 is installed
  • OR libavahi-client3-0.6.32-30 is installed
  • OR libavahi-client3-32bit-0.6.32-30 is installed
  • OR libavahi-common3-0.6.32-30 is installed
  • OR libavahi-common3-32bit-0.6.32-30 is installed
  • OR libavahi-core7-0.6.32-30 is installed
  • OR libdns_sd-0.6.32-30 is installed
  • OR libdns_sd-32bit-0.6.32-30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • libtiff5-32bit-4.0.9-5.17 is installed
  • OR tiff-4.0.9-5.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.6 is installed
  • OR reiserfs-kmp-default-4.12.14-25.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • openldap2-2.4.46-9.34 is installed
  • OR openldap2-back-meta-2.4.46-9.34 is installed
  • OR openldap2-back-perl-2.4.46-9.34 is installed
  • OR openldap2-ppolicy-check-password-1.2-9.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_17-default-3-2 is installed
  • OR kernel-livepatch-SLE15_Update_10-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • libxml2-2.9.7-3.25 is installed
  • OR libxml2-devel-32bit-2.9.7-3.25 is installed
  • OR libxml2-doc-2.9.7-3.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • cloud-init-19.4-5.24 is installed
  • OR cloud-init-config-suse-19.4-5.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • apache2-2.4.33-3.15 is installed
  • OR apache2-devel-2.4.33-3.15 is installed
  • OR apache2-doc-2.4.33-3.15 is installed
  • OR apache2-prefork-2.4.33-3.15 is installed
  • OR apache2-utils-2.4.33-3.15 is installed
  • OR apache2-worker-2.4.33-3.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • graphviz-addons-2.40.1-6.3 is installed
  • OR graphviz-tcl-2.40.1-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND wpa_supplicant-2.2-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_60-default-9-2 is installed
  • OR kgraft-patch-3_12_74-60_64_60-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_21-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • alsa-1.0.27.2-11 is installed
  • OR alsa-docs-1.0.27.2-11 is installed
  • OR libasound2-1.0.27.2-11 is installed
  • OR libasound2-32bit-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND yast2-smt-3.0.14-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_38-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_13-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND clamav-0.99.2-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gdm-3.10.0.1-54.6 is installed
  • OR gdm-lang-3.10.0.1-54.6 is installed
  • OR gdmflexiserver-3.10.0.1-54.6 is installed
  • OR libgdm1-3.10.0.1-54.6 is installed
  • OR typelib-1_0-Gdm-1_0-3.10.0.1-54.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • fuse-2.9.3-6.3 is installed
  • OR libfuse2-2.9.3-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • xorg-x11-server-1.19.6-8.16 is installed
  • OR xorg-x11-server-extra-1.19.6-8.16 is installed
  • OR xorg-x11-server-sdk-1.19.6-8.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.47 is installed
  • OR kernel-default-extra-4.12.14-150.47 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-sprockets-2_11-2.11.3-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND Package Information
  • containerd-1.2.6-16.23 is installed
  • OR docker-19.03.1_ce-98.46 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25 is installed
  • OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-1.29 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-25 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • dnsmasq-2.78-18.6 is installed
  • OR dnsmasq-utils-2.78-18.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • BACK