Oval Definition:	oval:org.opensuse.security:def:51959
Revision Date: 2021-09-16 Version: 1 Title: Security update for transfig (Moderate) Description: This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef() (bsc#1186329). - CVE-2020-21683: Fixed buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325). - CVE-2020-21682: Fixed buffer overflow in the set_fill component in genge.c (bsc#1189346). - CVE-2020-21681: Fixed buffer overflow in the set_color component in genge.c (bsc#1189345). - CVE-2020-21680: Fixed stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343). - CVE-2019-19797: out-of-bounds write in read_colordef in read.c (bsc#1159293). - CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf (bsc#1161698). - CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130). Family: unix Class: patch Status: Reference(s): 1133384 1136882 1139924 1141132 1141334 1144902 1148539 1152143 1154289 1154598 1159130 1159293 1159723 1159729 1161025 1161698 1166916 1172442 1172443 1172515 1176315 1177158 1177950 1178591 1186329 1189325 1189343 1189345 1189346 CVE-2007-6600 CVE-2009-4034 CVE-2009-4136 CVE-2010-0405 CVE-2010-1169 CVE-2010-1170 CVE-2010-3433 CVE-2011-0461 CVE-2011-2895 CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0547 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 CVE-2012-1682 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 CVE-2012-2143 CVE-2012-2655 CVE-2012-3136 CVE-2012-3174 CVE-2012-3216 CVE-2012-3488 CVE-2012-3489 CVE-2012-4416 CVE-2012-4681 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 CVE-2013-0169 CVE-2013-0255 CVE-2013-0401 CVE-2013-0422 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0450 CVE-2013-0809 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1488 CVE-2013-1493 CVE-2013-1500 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-1571 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1983 CVE-2013-2142 CVE-2013-2383 CVE-2013-2384 CVE-2013-2407 CVE-2013-2412 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5805 CVE-2013-5806 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2013-6462 CVE-2013-6629 CVE-2013-6954 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0408 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4266 CVE-2014-4268 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-5288 CVE-2015-5289 CVE-2015-7236 CVE-2016-5104 CVE-2016-7944 CVE-2019-10072 CVE-2019-1010319 CVE-2019-10218 CVE-2019-11498 CVE-2019-12418 CVE-2019-13508 CVE-2019-14833 CVE-2019-14847 CVE-2019-17563 CVE-2019-19555 CVE-2019-19746 CVE-2019-19797 CVE-2020-11080 CVE-2020-14355 CVE-2020-17507 CVE-2020-21680 CVE-2020-21681 CVE-2020-21682 CVE-2020-21683 CVE-2020-28368 CVE-2020-7598 CVE-2020-8174 CVE-2021-3561 SUSE-SU-2019:2191-1 SUSE-SU-2019:2866-1 SUSE-SU-2020:0226-1 SUSE-SU-2020:1417-1 SUSE-SU-2020:1576-1 SUSE-SU-2020:2748-1 SUSE-SU-2020:3070-1 SUSE-SU-2021:3124-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information dbus-1-glib-0.108-lp150.1 is installed OR dbus-1-glib-tool-0.108-lp150.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND sudo-1.7.6p2-0.2.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND sudo-1.7.6p2-0.21 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information java-1_7_0-openjdk-1.7.0.65-3 is installed OR java-1_7_0-openjdk-headless-1.7.0.65-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bzip2-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information imobiledevice-tools-1.2.0-7 is installed OR libimobiledevice6-1.2.0-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.20-5.6 is installed OR librsvg-2-2-2.40.20-5.6 is installed OR librsvg-2-2-32bit-2.40.20-5.6 is installed OR rsvg-view-2.40.20-5.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libwavpack1-32bit-5.1.0-4.6 is installed OR wavpack-5.1.0-4.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information freetds-1.1.36-3.3 is installed OR libct4-1.1.36-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libspice-server-devel-0.14.2-3.3 is installed OR libspice-server1-0.14.2-3.3 is installed OR spice-0.14.2-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information tomcat-9.0.30-3.34 is installed OR tomcat-admin-webapps-9.0.30-3.34 is installed OR tomcat-el-3_0-api-9.0.30-3.34 is installed OR tomcat-jsp-2_3-api-9.0.30-3.34 is installed OR tomcat-lib-9.0.30-3.34 is installed OR tomcat-servlet-4_0-api-9.0.30-3.34 is installed OR tomcat-webapps-9.0.30-3.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpoppler-glib8-0.24.4-3 is installed OR libpoppler-qt4-4-0.24.4-3 is installed OR libpoppler44-0.24.4-3 is installed OR poppler-tools-0.24.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.5.0esr-109.9 is installed OR MozillaFirefox-devel-52.5.0esr-109.9 is installed OR MozillaFirefox-translations-52.5.0esr-109.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libmysqlclient18-10.0.35-29.20 is installed OR libmysqlclient18-32bit-10.0.35-29.20 is installed OR mariadb-10.0.35-29.20 is installed OR mariadb-client-10.0.35-29.20 is installed OR mariadb-errormessages-10.0.35-29.20 is installed OR mariadb-tools-10.0.35-29.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information git-2.12.3-27.22 is installed OR git-core-2.12.3-27.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libprocps3-3.3.9-11.14 is installed OR procps-3.3.9-11.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information nodejs8-8.17.0-3.32 is installed OR nodejs8-devel-8.17.0-3.32 is installed OR nodejs8-docs-8.17.0-3.32 is installed OR npm8-8.17.0-3.32 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND transfig-3.2.8a-2.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libQt5Concurrent-devel-5.9.4-8.24 is installed OR libQt5Concurrent5-5.9.4-8.24 is installed OR libQt5Core-devel-5.9.4-8.24 is installed OR libQt5Core-private-headers-devel-5.9.4-8.24 is installed OR libQt5Core5-5.9.4-8.24 is installed OR libQt5DBus-devel-5.9.4-8.24 is installed OR libQt5DBus-private-headers-devel-5.9.4-8.24 is installed OR libQt5DBus5-5.9.4-8.24 is installed OR libQt5Gui-devel-5.9.4-8.24 is installed OR libQt5Gui-private-headers-devel-5.9.4-8.24 is installed OR libQt5Gui5-5.9.4-8.24 is installed OR libQt5KmsSupport-devel-static-5.9.4-8.24 is installed OR libQt5KmsSupport-private-headers-devel-5.9.4-8.24 is installed OR libQt5Network-devel-5.9.4-8.24 is installed OR libQt5Network-private-headers-devel-5.9.4-8.24 is installed OR libQt5Network5-5.9.4-8.24 is installed OR libQt5OpenGL-devel-5.9.4-8.24 is installed OR libQt5OpenGL-private-headers-devel-5.9.4-8.24 is installed OR libQt5OpenGL5-5.9.4-8.24 is installed OR libQt5PlatformHeaders-devel-5.9.4-8.24 is installed OR libQt5PlatformSupport-devel-static-5.9.4-8.24 is installed OR libQt5PlatformSupport-private-headers-devel-5.9.4-8.24 is installed OR libQt5PrintSupport-devel-5.9.4-8.24 is installed OR libQt5PrintSupport-private-headers-devel-5.9.4-8.24 is installed OR libQt5PrintSupport5-5.9.4-8.24 is installed OR libQt5Sql-devel-5.9.4-8.24 is installed OR libQt5Sql-private-headers-devel-5.9.4-8.24 is installed OR libQt5Sql5-5.9.4-8.24 is installed OR libQt5Sql5-sqlite-5.9.4-8.24 is installed OR libQt5Test-devel-5.9.4-8.24 is installed OR libQt5Test-private-headers-devel-5.9.4-8.24 is installed OR libQt5Test5-5.9.4-8.24 is installed OR libQt5Widgets-devel-5.9.4-8.24 is installed OR libQt5Widgets-private-headers-devel-5.9.4-8.24 is installed OR libQt5Widgets5-5.9.4-8.24 is installed OR libQt5Xml-devel-5.9.4-8.24 is installed OR libQt5Xml5-5.9.4-8.24 is installed OR libqt5-qtbase-5.9.4-8.24 is installed OR libqt5-qtbase-common-devel-5.9.4-8.24 is installed OR libqt5-qtbase-devel-5.9.4-8.24 is installed OR libqt5-qtbase-private-headers-devel-5.9.4-8.24 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information qemu-2.3.1-33.3 is installed OR qemu-block-curl-2.3.1-33.3 is installed OR qemu-block-rbd-2.3.1-33.3 is installed OR qemu-guest-agent-2.3.1-33.3 is installed OR qemu-ipxe-1.0.0-33.3 is installed OR qemu-kvm-2.3.1-33.3 is installed OR qemu-lang-2.3.1-33.3 is installed OR qemu-seabios-1.8.1-33.3 is installed OR qemu-sgabios-8-33.3 is installed OR qemu-tools-2.3.1-33.3 is installed OR qemu-vgabios-1.8.1-33.3 is installed OR qemu-x86-2.3.1-33.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-openjdk-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.4-11.18 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.23-3.9 is installed
BACK