Oval Definition:	oval:org.opensuse.security:def:51105
Revision Date: 2020-12-01 Version: 1 Title: Security update for tiff (Moderate) Description: This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function (bsc#1115717). - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function (bsc#1054594). - CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693). - CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693). - CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693). - CVE-2016-6223: Fixed out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() (bsc#990460). Family: unix Class: patch Status: Reference(s): 1010979 1010980 1017693 1020451 1020456 1020458 1020460 1026236 1027519 1045450 1051510 1051979 1054594 1055014 1055186 1057152 1061843 1065600 1065729 1066110 1066382 1077428 1077761 1086274 1086314 1087081 1088278 1089343 1099811 1099813 1099844 1099845 1099846 1099849 1099858 1099863 1099864 1100132 1101116 1101331 1101669 1101828 1101832 1101833 1101837 1101839 1101841 1101843 1101844 1101845 1101847 1101852 1101853 1101867 1101872 1101874 1101875 1101882 1101883 1101885 1101887 1101890 1101891 1101893 1101895 1101896 1101900 1101902 1101903 1102633 1102658 1103097 1103356 1103421 1103517 1103723 1103724 1103725 1103726 1103727 1103728 1103729 1103730 1103917 1103920 1103948 1103949 1104066 1104111 1104174 1104211 1104319 1114498 1114988 1115637 1115717 1117328 1120805 1120807 1126140 1126141 1126192 1126195 1126196 1126197 1126198 1126201 1126325 1127400 1127620 1128858 1129271 1129392 1129923 1132160 1132690 1134190 1134428 1134760 1135222 1136020 1136081 1138316 1140492 1140747 1146065 1146068 1146211 1146212 1146213 1149032 1151781 1151782 1151783 1151784 1151785 1151786 1152489 1155798 1158194 1159913 1163592 1164648 1165631 1165692 1168468 1171675 1171688 1172205 1173376 1173377 1173378 1173380 1174003 1174098 1174748 1174969 1175052 1175070 1175071 1175074 1175568 1175599 1175621 1175718 1175721 1175749 1175807 1175898 1176019 1176354 1176381 1176400 1176485 1176588 1176713 1176907 1176979 1177027 1177086 1177090 1177109 1177121 1177193 1177194 1177206 1177258 1177271 1177281 1177283 1177284 1177285 1177286 1177297 1177353 1177384 1177410 1177411 1177470 1177511 1177617 1177681 1177683 1177687 1177694 1177697 1177719 1177724 1177725 1177726 1177739 1177749 1177750 1177754 1177755 1177765 1177766 1177799 1177801 1177814 1177817 1177854 1177855 1177856 1177861 1178002 1178079 1178166 1178173 1178175 1178176 1178177 1178183 1178184 1178185 1178186 1178190 1178191 1178246 1178255 1178307 1178330 1178395 990460 CVE-2010-2547 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2013-4351 CVE-2013-4402 CVE-2014-3564 CVE-2014-4617 CVE-2016-10092 CVE-2016-10093 CVE-2016-10094 CVE-2016-6223 CVE-2016-9398 CVE-2016-9399 CVE-2017-12944 CVE-2017-14132 CVE-2017-5499 CVE-2017-5503 CVE-2017-5504 CVE-2017-5505 CVE-2017-9782 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880 CVE-2018-10881 CVE-2018-10882 CVE-2018-10883 CVE-2018-18873 CVE-2018-19139 CVE-2018-19210 CVE-2018-19543 CVE-2018-19967 CVE-2018-20570 CVE-2018-20622 CVE-2018-3620 CVE-2018-3646 CVE-2018-5391 CVE-2018-9252 CVE-2019-11068 CVE-2019-11478 CVE-2019-14980 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 CVE-2019-15141 CVE-2019-16708 CVE-2019-16709 CVE-2019-16710 CVE-2019-16711 CVE-2019-16712 CVE-2019-16713 CVE-2019-19451 CVE-2019-5108 CVE-2019-5419 CVE-2020-0543 CVE-2020-11984 CVE-2020-11993 CVE-2020-12351 CVE-2020-12352 CVE-2020-14351 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 CVE-2020-16120 CVE-2020-1749 CVE-2020-24490 CVE-2020-25212 CVE-2020-25285 CVE-2020-25641 CVE-2020-25643 CVE-2020-25645 CVE-2020-25656 CVE-2020-25705 CVE-2020-27673 CVE-2020-27675 CVE-2020-8027 CVE-2020-9490 SUSE-SU-2018:2380-1 SUSE-SU-2018:4008-1 SUSE-SU-2019:0875-1 SUSE-SU-2019:1888-1 SUSE-SU-2019:1973-1 SUSE-SU-2019:2896-1 SUSE-SU-2019:3391-1 SUSE-SU-2020:1902-1 SUSE-SU-2020:2344-1 SUSE-SU-2020:2712-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information augeas-0.9.0-3.17 is installed OR libaugeas0-0.9.0-3.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gnutls-2.4.1-24.39.60 is installed OR libgnutls26-2.4.1-24.39.60 is installed OR libgnutls26-32bit-2.4.1-24.39.60 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information evince-3.10.3-1 is installed OR evince-lang-3.10.3-1 is installed OR libevdocument3-4-3.10.3-1 is installed OR libevview3-3-3.10.3-1 is installed OR typelib-1_0-EvinceDocument-3_0-3.10.3-1 is installed OR typelib-1_0-EvinceView-3_0-3.10.3-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information expat-2.1.0-13 is installed OR libexpat1-2.1.0-13 is installed OR libexpat1-32bit-2.1.0-13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information augeas-1.2.0-10 is installed OR augeas-lenses-1.2.0-10 is installed OR libaugeas0-1.2.0-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information bash-4.3-83.15 is installed OR bash-doc-4.3-83.15 is installed OR bash-lang-4.3-83.15 is installed OR libreadline6-6.3-83.15 is installed OR libreadline6-32bit-6.3-83.15 is installed OR readline-doc-6.3-83.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libtiff5-32bit-4.0.9-5.20 is installed OR tiff-4.0.9-5.20 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR reiserfs-kmp-default-4.12.14-25.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information openldap2-2.4.46-9.37 is installed OR openldap2-back-meta-2.4.46-9.37 is installed OR openldap2-back-perl-2.4.46-9.37 is installed OR openldap2-ppolicy-check-password-1.2-9.37 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_22-default-2-2 is installed OR kernel-livepatch-SLE15_Update_11-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information jasper-2.0.14-3.16 is installed OR libjasper4-32bit-2.0.14-3.16 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information rmt-server-2.3.1-3.3 is installed OR rmt-server-pubcloud-2.3.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information xen-4.10.3_02-3.14 is installed OR xen-devel-4.10.3_02-3.14 is installed OR xen-tools-4.10.3_02-3.14 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information xen-4.13.1_04-3.4 is installed OR xen-devel-4.13.1_04-3.4 is installed OR xen-tools-4.13.1_04-3.4 is installed OR xen-tools-xendomains-wait-disk-4.13.1_04-3.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information giflib-5.0.5-7 is installed OR giflib-progs-5.0.5-7 is installed OR libgif6-5.0.5-7 is installed OR libgif6-32bit-5.0.5-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_57-default-10-2 is installed OR kgraft-patch-3_12_74-60_64_57-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_20-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.39 is installed OR libopenssl1_0_0-1.0.2j-60.39 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed OR openssl-1.0.2j-60.39 is installed OR openssl-doc-1.0.2j-60.39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libspice-client-glib-2_0-8-0.33-3.6 is installed OR libspice-client-glib-helper-0.33-3.6 is installed OR libspice-client-gtk-3_0-5-0.33-3.6 is installed OR libspice-controller0-0.33-3.6 is installed OR spice-gtk-0.33-3.6 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.33-3.6 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.33-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information g3utils-1.1.36-58.3 is installed OR mgetty-1.1.36-58.3 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information apache2-2.4.33-3.33 is installed OR apache2-devel-2.4.33-3.33 is installed OR apache2-doc-2.4.33-3.33 is installed OR apache2-prefork-2.4.33-3.33 is installed OR apache2-utils-2.4.33-3.33 is installed OR apache2-worker-2.4.33-3.33 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information dia-0.97.3-4.3 is installed OR dia-lang-0.97.3-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information git-2.12.3-27.14 is installed OR git-arch-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-credential-gnome-keyring-2.12.3-27.14 is installed OR git-cvs-2.12.3-27.14 is installed OR git-daemon-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed OR git-email-2.12.3-27.14 is installed OR git-gui-2.12.3-27.14 is installed OR git-svn-2.12.3-27.14 is installed OR git-web-2.12.3-27.14 is installed OR gitk-2.12.3-27.14 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-1.9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed
BACK