OVAL Reference oval:org.opensuse.security:def:52115

Oval Definition:

oval:org.opensuse.security:def:52115

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libexif (Moderate)
Description:	This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105). - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116). Non-security issues fixed: - libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER
Family:	unix	Class:	patch
Status:		Reference(s):	1055857 1059893 1120943 1160770 1167631 1168404 1168407 1168669 1168994 1169066 1170446 1170452 1171475 1171847 1172105 1172116 1172121 1173032 1173592 1173594 1174543 1175626 1175656 CVE-2008-1227 CVE-2010-0750 CVE-2011-1485 CVE-2013-4143 CVE-2013-4288 CVE-2014-0467 CVE-2014-2977 CVE-2014-2978 CVE-2014-3158 CVE-2014-3618 CVE-2014-9116 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-3218 CVE-2015-3255 CVE-2015-3256 CVE-2015-3310 CVE-2015-4625 CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2019-9278 CVE-2020-0093 CVE-2020-10713 CVE-2020-12105 CVE-2020-12402 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-1752 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 SUSE-SU-2020:0820-1 SUSE-SU-2020:1126-1 SUSE-SU-2020:1337-1 SUSE-SU-2020:1850-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libnewt0_52-0.52.20-lp150.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libpng12-0-1.2.31-5.33 is installed OR libpng12-0-32bit-1.2.31-5.33 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND xfsprogs-3.1.8-0.7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND xlockmore-5.43-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libsilc-1_1-2-1.1.10-24 is installed OR libsilcclient-1_1-3-1.1.10-24 is installed OR silc-toolkit-1.1.10-24 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libQt5Concurrent5-5.6.2-5 is installed OR libQt5Core5-5.6.2-5 is installed OR libQt5DBus5-5.6.2-5 is installed OR libQt5Gui5-5.6.2-5 is installed OR libQt5Network5-5.6.2-5 is installed OR libQt5OpenGL5-5.6.2-5 is installed OR libQt5PrintSupport5-5.6.2-5 is installed OR libQt5Sql5-5.6.2-5 is installed OR libQt5Sql5-mysql-5.6.2-5 is installed OR libQt5Sql5-postgresql-5.6.2-5 is installed OR libQt5Sql5-sqlite-5.6.2-5 is installed OR libQt5Sql5-unixODBC-5.6.2-5 is installed OR libQt5Test5-5.6.2-5 is installed OR libQt5Widgets5-5.6.2-5 is installed OR libQt5Xml5-5.6.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gvim-7.4.326-16 is installed OR vim-7.4.326-16 is installed OR vim-data-7.4.326-16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information libexif-0.6.22-5.6 is installed OR libexif-devel-32bit-0.6.22-5.6 is installed OR libexif12-32bit-0.6.22-5.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ghostscript-9.15-14 is installed OR ghostscript-x11-9.15-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_88-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_88-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_27-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_nss-1.0.14-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_57-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_18-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mutt-1.10.1-55.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libfreebl3-3.53.1-3.45 is installed OR libfreebl3-32bit-3.53.1-3.45 is installed OR libfreebl3-hmac-3.53.1-3.45 is installed OR libfreebl3-hmac-32bit-3.53.1-3.45 is installed OR libsoftokn3-3.53.1-3.45 is installed OR libsoftokn3-32bit-3.53.1-3.45 is installed OR libsoftokn3-hmac-3.53.1-3.45 is installed OR libsoftokn3-hmac-32bit-3.53.1-3.45 is installed OR mozilla-nss-3.53.1-3.45 is installed OR mozilla-nss-32bit-3.53.1-3.45 is installed OR mozilla-nss-certs-3.53.1-3.45 is installed OR mozilla-nss-certs-32bit-3.53.1-3.45 is installed OR mozilla-nss-devel-3.53.1-3.45 is installed OR mozilla-nss-sysinit-3.53.1-3.45 is installed OR mozilla-nss-tools-3.53.1-3.45 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information openconnect-7.08-6.6 is installed OR openconnect-devel-7.08-6.6 is installed OR openconnect-lang-7.08-6.6 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-activerecord-4_2-4.2.2-5 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libdcerpc-binding0-4.4.2-38.28 is installed OR libdcerpc-binding0-32bit-4.4.2-38.28 is installed OR libdcerpc0-4.4.2-38.28 is installed OR libdcerpc0-32bit-4.4.2-38.28 is installed OR libndr-krb5pac0-4.4.2-38.28 is installed OR libndr-krb5pac0-32bit-4.4.2-38.28 is installed OR libndr-nbt0-4.4.2-38.28 is installed OR libndr-nbt0-32bit-4.4.2-38.28 is installed OR libndr-standard0-4.4.2-38.28 is installed OR libndr-standard0-32bit-4.4.2-38.28 is installed OR libndr0-4.4.2-38.28 is installed OR libndr0-32bit-4.4.2-38.28 is installed OR libnetapi0-4.4.2-38.28 is installed OR libnetapi0-32bit-4.4.2-38.28 is installed OR libsamba-credentials0-4.4.2-38.28 is installed OR libsamba-credentials0-32bit-4.4.2-38.28 is installed OR libsamba-errors0-4.4.2-38.28 is installed OR libsamba-errors0-32bit-4.4.2-38.28 is installed OR libsamba-hostconfig0-4.4.2-38.28 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.28 is installed OR libsamba-passdb0-4.4.2-38.28 is installed OR libsamba-passdb0-32bit-4.4.2-38.28 is installed OR libsamba-util0-4.4.2-38.28 is installed OR libsamba-util0-32bit-4.4.2-38.28 is installed OR libsamdb0-4.4.2-38.28 is installed OR libsamdb0-32bit-4.4.2-38.28 is installed OR libsmbclient0-4.4.2-38.28 is installed OR libsmbclient0-32bit-4.4.2-38.28 is installed OR libsmbconf0-4.4.2-38.28 is installed OR libsmbconf0-32bit-4.4.2-38.28 is installed OR libsmbldap0-4.4.2-38.28 is installed OR libsmbldap0-32bit-4.4.2-38.28 is installed OR libtevent-util0-4.4.2-38.28 is installed OR libtevent-util0-32bit-4.4.2-38.28 is installed OR libwbclient0-4.4.2-38.28 is installed OR libwbclient0-32bit-4.4.2-38.28 is installed OR samba-4.4.2-38.28 is installed OR samba-client-4.4.2-38.28 is installed OR samba-client-32bit-4.4.2-38.28 is installed OR samba-doc-4.4.2-38.28 is installed OR samba-libs-4.4.2-38.28 is installed OR samba-libs-32bit-4.4.2-38.28 is installed OR samba-winbind-4.4.2-38.28 is installed OR samba-winbind-32bit-4.4.2-38.28 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-Django-1.11.23-3.12 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.8 is installed

BACK