OVAL Reference oval:org.opensuse.security:def:5238

Oval Definition:

oval:org.opensuse.security:def:5238

Revision Date:	2022-05-16	Version:	1
Title:	Security update for tiff (Important)
Description:	This update for tiff fixes the following issues: - CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964). - CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965). - CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc (bsc#1197066). - CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197072). - CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073). - CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() (bsc#1197074). - CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197631). - CVE-2022-0891: Fixed heap buffer overflow in extractImageSection (bsc#1197068).
Family:	unix	Class:	patch
Status:		Reference(s):	1130103 1177409 1177412 1177413 1177414 1178083 1195964 1195965 1197066 1197068 1197072 1197073 1197074 1197631 CVE-2009-3627 CVE-2011-1145 CVE-2011-2054 CVE-2012-2673 CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2013-0176 CVE-2013-1991 CVE-2013-2000 CVE-2013-3571 CVE-2014-0017 CVE-2014-0019 CVE-2014-2653 CVE-2014-7202 CVE-2014-7203 CVE-2014-8169 CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-8962 CVE-2014-9028 CVE-2014-9140 CVE-2015-0261 CVE-2015-1191 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2019-17498 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 CVE-2020-27670 CVE-2020-27671 CVE-2020-27672 CVE-2020-27673 CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-1056 SUSE-SU-2020:3052-1 SUSE-SU-2020:3551-1 SUSE-SU-2022:1667-1
Platform(s):	openSUSE 13.1 openSUSE 13.1 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP2 SUSE Linux Enterprise Real Time Extension 12 SP3 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE OpenStack Cloud 5	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information dnsmasq-2.71-4.1 is installed OR dnsmasq-utils-2.71-4.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information xorg-x11-libXp-7.4-1.18.1 is installed OR xorg-x11-libXp-32bit-7.4-1.18.1 is installed OR xorg-x11-libXp-devel-7.4-1.18.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libmysql55client18-5.5.39-0.7.1 is installed OR libmysql55client18-32bit-5.5.39-0.7.1 is installed OR libmysql55client_r18-5.5.39-0.7.1 is installed OR libmysql55client_r18-32bit-5.5.39-0.7.1 is installed OR libmysqlclient15-5.0.96-0.6.13 is installed OR libmysqlclient15-32bit-5.0.96-0.6.13 is installed OR libmysqlclient_r15-5.0.96-0.6.13 is installed OR libmysqlclient_r15-32bit-5.0.96-0.6.13 is installed OR mysql-5.5.39-0.7.1 is installed OR mysql-client-5.5.39-0.7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libvirt-1.2.5-12.3 is installed OR libvirt-client-1.2.5-12.3 is installed OR libvirt-client-32bit-1.2.5-12.3 is installed OR libvirt-doc-1.2.5-12.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND libssh4-0.6.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND autofs-5.0.9-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information compat-libldap-2_3-0-2.3.37-16.1 is installed OR openldap2-2.4.39-16.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information libpacemaker3-1.1.16-4 is installed OR pacemaker-1.1.16-4 is installed OR pacemaker-cli-1.1.16-4 is installed OR pacemaker-cts-1.1.16-4 is installed OR pacemaker-remote-1.1.16-4 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP5 is installed AND haproxy-1.6.11-10 is installed
Definition Synopsis
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND xen-4.10.4_18-3.44 is installed OR xen-devel-4.10.4_18-3.44 is installed OR xen-libs-4.10.4_18-3.44 is installed OR xen-tools-4.10.4_18-3.44 is installed OR xen-tools-domU-4.10.4_18-3.44 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND xen-4.10.4_18-3.44 is installed OR xen-devel-4.10.4_18-3.44 is installed OR xen-libs-4.10.4_18-3.44 is installed OR xen-tools-4.10.4_18-3.44 is installed OR xen-tools-domU-4.10.4_18-3.44 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-4-2 is installed OR kgraft-patch-3_12_38-44-xen-4-2 is installed OR kgraft-patch-SLE12_Update_3-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_3-default-1-2.1 is installed OR kgraft-patch-SLE12-SP3_Update_1-1-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND sles12sp1-docker-image-1.0.7-20171002 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-66.3 is installed OR libopenssl0_9_8-0.9.8j-66.3 is installed OR libopenssl0_9_8-32bit-0.9.8j-66.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.38-44.1 is installed OR kernel-ec2-devel-3.12.38-44.1 is installed OR kernel-ec2-extra-3.12.38-44.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9.1 is installed OR gcc5-5.3.1+r233831-9.1 is installed OR gcc5-32bit-5.3.1+r233831-9.1 is installed OR gcc5-ada-5.3.1+r233831-9.1 is installed OR gcc5-ada-32bit-5.3.1+r233831-9.1 is installed OR gcc5-c++-5.3.1+r233831-9.1 is installed OR gcc5-c++-32bit-5.3.1+r233831-9.1 is installed OR gcc5-fortran-5.3.1+r233831-9.1 is installed OR gcc5-fortran-32bit-5.3.1+r233831-9.1 is installed OR gcc5-info-5.3.1+r233831-9.1 is installed OR gcc5-locale-5.3.1+r233831-9.1 is installed OR libada5-5.3.1+r233831-9.1 is installed OR libada5-32bit-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-5.3.1+r233831-9.1 is installed OR libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed OR libffi-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9.1 is installed OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php7-7.0.7-15 is installed OR php7-7.0.7-15 is installed OR php7-bcmath-7.0.7-15 is installed OR php7-bz2-7.0.7-15 is installed OR php7-calendar-7.0.7-15 is installed OR php7-ctype-7.0.7-15 is installed OR php7-curl-7.0.7-15 is installed OR php7-dba-7.0.7-15 is installed OR php7-dom-7.0.7-15 is installed OR php7-enchant-7.0.7-15 is installed OR php7-exif-7.0.7-15 is installed OR php7-fastcgi-7.0.7-15 is installed OR php7-fileinfo-7.0.7-15 is installed OR php7-fpm-7.0.7-15 is installed OR php7-ftp-7.0.7-15 is installed OR php7-gd-7.0.7-15 is installed OR php7-gettext-7.0.7-15 is installed OR php7-gmp-7.0.7-15 is installed OR php7-iconv-7.0.7-15 is installed OR php7-imap-7.0.7-15 is installed OR php7-intl-7.0.7-15 is installed OR php7-json-7.0.7-15 is installed OR php7-ldap-7.0.7-15 is installed OR php7-mbstring-7.0.7-15 is installed OR php7-mcrypt-7.0.7-15 is installed OR php7-mysql-7.0.7-15 is installed OR php7-odbc-7.0.7-15 is installed OR php7-opcache-7.0.7-15 is installed OR php7-openssl-7.0.7-15 is installed OR php7-pcntl-7.0.7-15 is installed OR php7-pdo-7.0.7-15 is installed OR php7-pear-7.0.7-15 is installed OR php7-pear-Archive_Tar-7.0.7-15 is installed OR php7-pgsql-7.0.7-15 is installed OR php7-phar-7.0.7-15 is installed OR php7-posix-7.0.7-15 is installed OR php7-pspell-7.0.7-15 is installed OR php7-shmop-7.0.7-15 is installed OR php7-snmp-7.0.7-15 is installed OR php7-soap-7.0.7-15 is installed OR php7-sockets-7.0.7-15 is installed OR php7-sqlite-7.0.7-15 is installed OR php7-sysvmsg-7.0.7-15 is installed OR php7-sysvsem-7.0.7-15 is installed OR php7-sysvshm-7.0.7-15 is installed OR php7-tokenizer-7.0.7-15 is installed OR php7-wddx-7.0.7-15 is installed OR php7-xmlreader-7.0.7-15 is installed OR php7-xmlrpc-7.0.7-15 is installed OR php7-xmlwriter-7.0.7-15 is installed OR php7-xsl-7.0.7-15 is installed OR php7-zip-7.0.7-15 is installed OR php7-zlib-7.0.7-15 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP2 is installed AND Package Information cluster-md-kmp-rt-4.4.88-18 is installed OR cluster-network-kmp-rt-4.4.88-18 is installed OR dlm-kmp-rt-4.4.88-18 is installed OR gfs2-kmp-rt-4.4.88-18 is installed OR kernel-devel-rt-4.4.88-18 is installed OR kernel-rt-4.4.88-18 is installed OR kernel-rt-base-4.4.88-18 is installed OR kernel-rt-devel-4.4.88-18 is installed OR kernel-rt_debug-4.4.88-18 is installed OR kernel-rt_debug-devel-4.4.88-18 is installed OR kernel-source-rt-4.4.88-18 is installed OR kernel-syms-rt-4.4.88-18 is installed OR ocfs2-kmp-rt-4.4.88-18 is installed
Definition Synopsis
SUSE Linux Enterprise Real Time Extension 12 SP3 is installed AND Package Information cluster-md-kmp-rt-4.4.155-3.23 is installed OR dlm-kmp-rt-4.4.155-3.23 is installed OR gfs2-kmp-rt-4.4.155-3.23 is installed OR kernel-devel-rt-4.4.155-3.23 is installed OR kernel-rt-4.4.155-3.23 is installed OR kernel-rt-base-4.4.155-3.23 is installed OR kernel-rt-devel-4.4.155-3.23 is installed OR kernel-rt_debug-4.4.155-3.23 is installed OR kernel-rt_debug-devel-4.4.155-3.23 is installed OR kernel-source-rt-4.4.155-3.23 is installed OR kernel-syms-rt-4.4.155-3.23 is installed OR ocfs2-kmp-rt-4.4.155-3.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP2 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information gmime-2.2.23-1.50.1 is installed OR gmime-2_4-2.4.8-1.2.55 is installed OR gmime-doc-2.2.23-1.50.1 is installed OR libgmime-2_0-3-2.2.23-1.50.1 is installed OR libgmime-2_4-2-2.4.8-1.2.55 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information MozillaFirefox-38.4.0esr-51 is installed OR MozillaFirefox-translations-38.4.0esr-51 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND sudo-1.8.10p3-8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND ant-1.9.4-3.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND libtiff-devel-4.0.9-44.48.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information xen-4.4.4_05-22.25.1 is installed OR xen-doc-html-4.4.4_05-22.25.1 is installed OR xen-kmp-default-4.4.4_05_k3.12.60_52.57-22.25.1 is installed OR xen-libs-4.4.4_05-22.25.1 is installed OR xen-libs-32bit-4.4.4_05-22.25.1 is installed OR xen-tools-4.4.4_05-22.25.1 is installed OR xen-tools-domU-4.4.4_05-22.25.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information cups-1.7.5-20.3 is installed OR cups-client-1.7.5-20.3 is installed OR cups-libs-1.7.5-20.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information kgraft-patch-3_12_55-52_42-default-2-2 is installed OR kgraft-patch-3_12_55-52_42-xen-2-2 is installed OR kgraft-patch-SLE12_Update_12-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information apache2-mod_perl-2.0.4-40.24.1 is installed OR apache2-mod_perl-devel-2.0.4-40.24.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information libpcp-devel-3.6.10-4 is installed OR libpcp3-3.6.10-4 is installed OR pcp-3.6.10-4 is installed OR pcp-import-iostat2pcp-3.6.10-4 is installed OR pcp-import-mrtg2pcp-3.6.10-4 is installed OR pcp-import-sar2pcp-3.6.10-4 is installed OR pcp-import-sheet2pcp-3.6.10-4 is installed OR perl-PCP-LogImport-3.6.10-4 is installed OR perl-PCP-LogSummary-3.6.10-4 is installed OR perl-PCP-MMV-3.6.10-4 is installed OR perl-PCP-PMDA-3.6.10-4 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information DirectFB-devel-1.7.1-6 is installed OR lib++dfb-devel-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND MozillaFirefox-devel-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information python-base-2.7.9-14.1 is installed OR python-devel-2.7.9-14.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information kernel-default-3.12.59-60.45.2 is installed OR kernel-default-extra-3.12.59-60.45.2 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information gd-2.1.0-20.1 is installed OR gd-32bit-2.1.0-20.1 is installed

BACK