Oval Definition:	oval:org.opensuse.security:def:51656
Revision Date: 2021-09-16 Version: 1 Title: Security update for transfig (Moderate) Description: This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef() (bsc#1186329). - CVE-2020-21683: Fixed buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325). - CVE-2020-21682: Fixed buffer overflow in the set_fill component in genge.c (bsc#1189346). - CVE-2020-21681: Fixed buffer overflow in the set_color component in genge.c (bsc#1189345). - CVE-2020-21680: Fixed stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343). - CVE-2019-19797: out-of-bounds write in read_colordef in read.c (bsc#1159293). - CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf (bsc#1161698). - CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130). Family: unix Class: patch Status: Reference(s): 1046299 1046303 1046305 1050244 1050536 1050545 1051510 1055186 1061840 1064802 1065600 1066129 1073513 1082635 1083647 1086323 1087092 1089644 1090631 1093205 1096254 1097583 1097584 1097585 1097586 1097587 1097588 1098291 1101674 1101688 1101689 1109158 1111966 1114279 1117665 1119454 1119461 1119465 1123034 1123080 1128858 1129271 1129392 1131055 1132160 1132690 1133140 1134190 1134303 1134428 1135222 1135642 1135854 1135873 1135967 1136020 1136081 1136085 1136666 1136882 1137040 1137799 1138190 1138316 1140090 1140492 1140729 1140845 1140883 1141600 1142635 1142667 1143706 1144338 1144348 1144352 1144375 1144449 1144903 1145099 1145383 1146612 1148410 1148931 1149119 1149742 1150452 1150457 1150465 1150875 1151508 1152148 1152624 1152685 1152782 1152788 1152791 1153112 1153158 1153236 1153263 1153476 1153509 1153646 1153681 1153713 1153717 1153718 1153719 1153811 1153969 1154091 1154108 1154189 1154354 1154372 1154578 1154607 1154608 1154610 1154611 1154651 1154737 1154747 1154848 1154858 1154905 1154956 1155178 1155179 1155184 1155186 1155671 1155692 1155798 1155836 1155982 1156187 1156395 1159130 1159293 1161698 1170232 1171000 1171073 1171558 1172419 1172873 1173060 1173267 1174029 1174110 1174111 1174157 1174484 1174486 1175263 1175476 1175667 1175787 1175952 1175996 1175997 1175998 1175999 1176000 1176001 1176022 1176063 1176069 1186329 1189325 1189343 1189345 1189346 CVE-2007-6746 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2011-1526 CVE-2011-4862 CVE-2013-1990 CVE-2013-1999 CVE-2013-4314 CVE-2014-0011 CVE-2014-8240 CVE-2015-0255 CVE-2018-12207 CVE-2018-1333 CVE-2018-8011 CVE-2019-0199 CVE-2019-0221 CVE-2019-10220 CVE-2019-11068 CVE-2019-11135 CVE-2019-14491 CVE-2019-14492 CVE-2019-14562 CVE-2019-14806 CVE-2019-15939 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18805 CVE-2019-19555 CVE-2019-19746 CVE-2019-19797 CVE-2019-5419 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2020-14386 CVE-2020-14556 CVE-2020-14562 CVE-2020-14573 CVE-2020-14577 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-21680 CVE-2020-21681 CVE-2020-21682 CVE-2020-21683 CVE-2021-3561 SUSE-SU-2018:2424-1 SUSE-SU-2019:1693-1 SUSE-SU-2019:1973-1 SUSE-SU-2019:2365-2 SUSE-SU-2019:2428-1 SUSE-SU-2019:2951-1 SUSE-SU-2019:3192-1 SUSE-SU-2020:2143-1 SUSE-SU-2020:2580-1 SUSE-SU-2020:2691-1 SUSE-SU-2021:3124-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information MozillaThunderbird-52.7-lp150.2 is installed OR MozillaThunderbird-translations-common-52.7-lp150.2 is installed OR MozillaThunderbird-translations-other-52.7-lp150.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information bind-libs-9.9.4P2-0.6 is installed OR bind-libs-32bit-9.9.4P2-0.6 is installed OR bind-utils-9.9.4P2-0.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND wireshark-1.12.9-0.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information mozilla-nspr-4.10.8-0.8 is installed OR mozilla-nspr-32bit-4.10.8-0.8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information evince-3.10.3-1 is installed OR evince-lang-3.10.3-1 is installed OR libevdocument3-4-3.10.3-1 is installed OR libevview3-3-3.10.3-1 is installed OR typelib-1_0-EvinceDocument-3_0-3.10.3-1 is installed OR typelib-1_0-EvinceView-3_0-3.10.3-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND python-pyOpenSSL-0.14-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND krb5-appl-clients-1.0.3-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-gij-4.8.5-30 is installed OR gcc48-gij-32bit-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libgcj48-4.8.5-30 is installed OR libgcj48-32bit-4.8.5-30 is installed OR libgcj48-jar-4.8.5-30 is installed OR libgcj_bc1-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information python-Werkzeug-0.14.1-6.3 is installed OR python2-Werkzeug-0.14.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information tomcat-9.0.20-3.24 is installed OR tomcat-docs-webapp-9.0.20-3.24 is installed OR tomcat-embed-9.0.20-3.24 is installed OR tomcat-javadoc-9.0.20-3.24 is installed OR tomcat-jsvc-9.0.20-3.24 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.44 is installed OR kernel-azure-base-4.12.14-5.44 is installed OR kernel-azure-devel-4.12.14-5.44 is installed OR kernel-devel-azure-4.12.14-5.44 is installed OR kernel-source-azure-4.12.14-5.44 is installed OR kernel-syms-azure-4.12.14-5.44 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP2 is installed AND Package Information kernel-azure-5.3.18-18.18 is installed OR kernel-azure-devel-5.3.18-18.18 is installed OR kernel-devel-azure-5.3.18-18.18 is installed OR kernel-source-azure-5.3.18-18.18 is installed OR kernel-syms-azure-5.3.18-18.18 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information apache2-2.4.33-3.3 is installed OR apache2-devel-2.4.33-3.3 is installed OR apache2-doc-2.4.33-3.3 is installed OR apache2-prefork-2.4.33-3.3 is installed OR apache2-utils-2.4.33-3.3 is installed OR apache2-worker-2.4.33-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information rmt-server-2.3.1-3.3 is installed OR rmt-server-config-2.3.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information ovmf-201911-7.5 is installed OR ovmf-tools-201911-7.5 is installed OR qemu-ovmf-x86_64-201911-7.5 is installed OR qemu-uefi-aarch64-201911-7.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gvim-7.4.326-2 is installed OR vim-7.4.326-2 is installed OR vim-data-7.4.326-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libmysqlclient-devel-10.0.35-29.20 is installed OR libmysqlclient18-10.0.35-29.20 is installed OR libmysqlclient18-32bit-10.0.35-29.20 is installed OR libmysqlclient_r18-10.0.35-29.20 is installed OR libmysqld-devel-10.0.35-29.20 is installed OR libmysqld18-10.0.35-29.20 is installed OR mariadb-10.0.35-29.20 is installed OR mariadb-client-10.0.35-29.20 is installed OR mariadb-errormessages-10.0.35-29.20 is installed OR mariadb-tools-10.0.35-29.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gpg2-2.0.24-3 is installed OR gpg2-lang-2.0.24-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libnetpbm11-10.66.3-7 is installed OR libnetpbm11-32bit-10.66.3-7 is installed OR netpbm-10.66.3-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information jakarta-commons-fileupload-1.1.1-122.3 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-122.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND transfig-3.2.8a-2.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information java-11-openjdk-11.0.8.0-3.45 is installed OR java-11-openjdk-demo-11.0.8.0-3.45 is installed OR java-11-openjdk-devel-11.0.8.0-3.45 is installed OR java-11-openjdk-headless-11.0.8.0-3.45 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information libopencv3_3-3.3.1-6.6 is installed OR opencv-3.3.1-6.6 is installed OR opencv-devel-3.3.1-6.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-cryptography-2.0.3-3.3 is installed
BACK