Oval Definition:	oval:org.opensuse.security:def:53005
Revision Date: 2020-12-01 Version: 1 Title: Security update for libexif (Moderate) Description: This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105). - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116). Non-security issues fixed: - libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER Family: unix Class: patch Status: Reference(s): 1005091 1005522 1005523 1005524 1005525 1005526 1005527 1005528 1009318 1011130 1011136 1012677 1013376 1014159 1047238 1050911 1051510 1054914 1055117 1055857 1056686 1059893 1060662 1061840 1061843 1064597 1064701 1065600 1065729 1066369 1071009 1071306 1071995 1078248 1082555 1085030 1085536 1085539 1087092 1090734 1091171 1093205 1102097 1104902 1104967 1106061 1106284 1106434 1108382 1109158 1112894 1112899 1112902 1112903 1112905 1112906 1112907 1113722 1114279 1114542 1118689 1119086 1120876 1120902 1120937 1120943 1123034 1123105 1124370 1127988 1129424 1129519 1129664 1131107 1131304 1131565 1134291 1134881 1134882 1135219 1135642 1135897 1136261 1137069 1137865 1137884 1137959 1138539 1139020 1139021 1139101 1139500 1140012 1140155 1140426 1140487 1141013 1141450 1141543 1141554 1142019 1142076 1142109 1142117 1142118 1142119 1142496 1142541 1142635 1142685 1142701 1143300 1143466 1143765 1143841 1143843 1144123 1144333 1144474 1144518 1144718 1144813 1144880 1144886 1144912 1144920 1144979 1145010 1145051 1145059 1145134 1145189 1145235 1145300 1145302 1145388 1145389 1145390 1145391 1145392 1145393 1145394 1145395 1145396 1145397 1145408 1145409 1145661 1145678 1145687 1145920 1145922 1145934 1145937 1145940 1145941 1145942 1146042 1146074 1146084 1146163 1146285 1146346 1146351 1146352 1146361 1146376 1146378 1146381 1146391 1146399 1146413 1146425 1146512 1146514 1146516 1146519 1146524 1146526 1146529 1146531 1146540 1146543 1146547 1146550 1146575 1146589 1146664 1146678 1146938 1148031 1148032 1148033 1148034 1148035 1148093 1148133 1148192 1148196 1148198 1148202 1148303 1148363 1148379 1148394 1148527 1148574 1148616 1148617 1148619 1148712 1148859 1148868 1149053 1149083 1149104 1149105 1149106 1149197 1149214 1149224 1149313 1149325 1149376 1149413 1149418 1149424 1149446 1149522 1149527 1149539 1149552 1149555 1149591 1149602 1149612 1149626 1149651 1149652 1149713 1149940 1149976 1150025 1150033 1150112 1150381 1150423 1150562 1150727 1150860 1150861 1150933 1151350 1151610 1151667 1151680 1151891 1151955 1152024 1152025 1152026 1152161 1152325 1152457 1152460 1152466 1152972 1152974 1152975 1160770 1171475 1171847 1172105 1172116 1172121 799216 800255 860346 875220 877456 884407 895805 896484 897736 898687 900270 902286 902346 902349 903640 904177 904883 904899 904901 905100 905304 905329 905482 905783 906196 907069 908069 908322 908825 908904 909829 910322 911326 912202 912654 912705 913059 914112 914126 914254 914291 914294 914300 914457 914464 914726 915188 915322 915335 915425 915454 915456 915550 915660 916107 916513 916646 917089 917128 918161 918255 979422 995964 CVE-2006-4484 CVE-2007-4129 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-2252 CVE-2010-3069 CVE-2011-0719 CVE-2011-2522 CVE-2011-2694 CVE-2011-3146 CVE-2012-0817 CVE-2012-0870 CVE-2012-1182 CVE-2012-2111 CVE-2012-4510 CVE-2012-4929 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1863 CVE-2013-1881 CVE-2013-4124 CVE-2013-4242 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6442 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-3493 CVE-2014-3560 CVE-2014-3591 CVE-2014-3673 CVE-2014-3687 CVE-2014-4877 CVE-2014-7822 CVE-2014-7841 CVE-2014-8104 CVE-2014-8143 CVE-2014-8160 CVE-2014-8559 CVE-2014-9419 CVE-2014-9584 CVE-2014-9848 CVE-2015-0240 CVE-2015-0837 CVE-2015-2059 CVE-2015-3223 CVE-2015-5191 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7511 CVE-2015-7560 CVE-2015-8467 CVE-2015-8543 CVE-2016-0771 CVE-2016-1006 CVE-2016-1011 CVE-2016-1012 CVE-2016-1013 CVE-2016-1014 CVE-2016-1015 CVE-2016-1016 CVE-2016-1017 CVE-2016-1018 CVE-2016-1019 CVE-2016-1020 CVE-2016-1021 CVE-2016-1022 CVE-2016-1023 CVE-2016-1024 CVE-2016-1025 CVE-2016-1026 CVE-2016-1027 CVE-2016-1028 CVE-2016-1029 CVE-2016-1030 CVE-2016-1031 CVE-2016-1032 CVE-2016-1033 CVE-2016-1096 CVE-2016-1097 CVE-2016-1098 CVE-2016-1099 CVE-2016-1100 CVE-2016-1101 CVE-2016-1102 CVE-2016-1103 CVE-2016-1104 CVE-2016-1105 CVE-2016-1106 CVE-2016-1107 CVE-2016-1108 CVE-2016-1109 CVE-2016-1110 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2119 CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 CVE-2016-4108 CVE-2016-4109 CVE-2016-4110 CVE-2016-4111 CVE-2016-4112 CVE-2016-4113 CVE-2016-4114 CVE-2016-4115 CVE-2016-4116 CVE-2016-4117 CVE-2016-4971 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-6313 CVE-2016-6328 CVE-2016-7098 CVE-2016-7098 CVE-2016-8707 CVE-2016-8866 CVE-2016-9556 CVE-2016-9559 CVE-2016-9773 CVE-2017-11103 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-14746 CVE-2017-15275 CVE-2017-18551 CVE-2017-18595 CVE-2017-2619 CVE-2017-6508 CVE-2017-7494 CVE-2017-7544 CVE-2018-1050 CVE-2018-1057 CVE-2018-10858 CVE-2018-10919 CVE-2018-20030 CVE-2018-20976 CVE-2018-21008 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-15030 CVE-2019-15031 CVE-2019-15090 CVE-2019-15098 CVE-2019-15117 CVE-2019-15118 CVE-2019-15211 CVE-2019-15212 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15222 CVE-2019-15239 CVE-2019-15290 CVE-2019-15291 CVE-2019-15292 CVE-2019-15538 CVE-2019-15666 CVE-2019-15902 CVE-2019-15917 CVE-2019-15919 CVE-2019-15920 CVE-2019-15921 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-9278 CVE-2019-9456 CVE-2019-9506 CVE-2020-0093 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 SUSE-SU-2015:0529-1 SUSE-SU-2016:1305-1 SUSE-SU-2016:2953-1 SUSE-SU-2016:3258-1 SUSE-SU-2016:3268-1 SUSE-SU-2019:2651-1 SUSE-SU-2020:1553-2 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libXi6-1.7.9-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information docker-18.09.6_ce-lp151.2.6 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed OR docker-test-18.09.6_ce-lp151.2.6 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND puppet-2.6.18-0.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information dbus-1-1.2.10-3.31 is installed OR dbus-1-32bit-1.2.10-3.31 is installed OR dbus-1-x11-1.2.10-3.31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information kernel-default-3.12.38-44 is installed OR kernel-default-devel-3.12.38-44 is installed OR kernel-default-extra-3.12.38-44 is installed OR kernel-devel-3.12.38-44 is installed OR kernel-macros-3.12.38-44 is installed OR kernel-source-3.12.38-44 is installed OR kernel-syms-3.12.38-44 is installed OR kernel-xen-3.12.38-44 is installed OR kernel-xen-devel-3.12.38-44 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND perl-Tk-804.031-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND coolkey-1.1.0-147 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libdcerpc-binding0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libdcerpc-binding0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libdcerpc0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libdcerpc0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-krb5pac0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-krb5pac0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-nbt0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-nbt0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-standard0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr-standard0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libndr0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libnetapi0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libnetapi0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-credentials0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-credentials0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-errors0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-errors0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-hostconfig0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-passdb0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-passdb0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-util0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamba-util0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamdb0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsamdb0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbclient0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbclient0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbconf0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbconf0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbldap0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libsmbldap0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libtevent-util0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libtevent-util0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR libwbclient0-4.6.16+git.124.aee309c5c18-3.32 is installed OR libwbclient0-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-client-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-client-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-doc-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-libs-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-libs-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-winbind-4.6.16+git.124.aee309c5c18-3.32 is installed OR samba-winbind-32bit-4.6.16+git.124.aee309c5c18-3.32 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information libexif-0.6.22-5.6 is installed OR libexif12-32bit-0.6.22-5.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.41 is installed OR kernel-azure-base-4.12.14-5.41 is installed OR kernel-azure-devel-4.12.14-5.41 is installed OR kernel-devel-azure-4.12.14-5.41 is installed OR kernel-source-azure-4.12.14-5.41 is installed OR kernel-syms-azure-4.12.14-5.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_60-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_60-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_21-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information krb5-1.12.5-39 is installed OR krb5-32bit-1.12.5-39 is installed OR krb5-client-1.12.5-39 is installed OR krb5-doc-1.12.5-39 is installed OR krb5-plugin-kdb-ldap-1.12.5-39 is installed OR krb5-plugin-preauth-otp-1.12.5-39 is installed OR krb5-plugin-preauth-pkinit-1.12.5-39 is installed OR krb5-server-1.12.5-39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.4.0esr-109.55 is installed OR MozillaFirefox-devel-60.4.0esr-109.55 is installed OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed OR libfreebl3-3.40.1-58.18 is installed OR libfreebl3-32bit-3.40.1-58.18 is installed OR libsoftokn3-3.40.1-58.18 is installed OR libsoftokn3-32bit-3.40.1-58.18 is installed OR mozilla-nspr-4.20-19.6 is installed OR mozilla-nspr-32bit-4.20-19.6 is installed OR mozilla-nss-3.40.1-58.18 is installed OR mozilla-nss-32bit-3.40.1-58.18 is installed OR mozilla-nss-certs-3.40.1-58.18 is installed OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed OR mozilla-nss-tools-3.40.1-58.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information groff-1.22.2-5 is installed OR groff-full-1.22.2-5 is installed OR gxditview-1.22.2-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsolv-0.6.36-2.16 is installed OR libsolv-tools-0.6.36-2.16 is installed OR libzypp-16.20.0-2.39 is installed OR perl-solv-0.6.36-2.16 is installed OR python-solv-0.6.36-2.16 is installed OR zypper-1.13.51-21.26 is installed OR zypper-log-1.13.51-21.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-activesupport-4_2-4.2.2-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.17.0-11.27 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information galera-3-25.3.24-4.3 is installed OR galera-3-wsrep-provider-25.3.24-4.3 is installed OR libmariadb3-3.0.6-3.6 is installed OR mariadb-10.2.21-4.8 is installed OR mariadb-client-10.2.21-4.8 is installed OR mariadb-connector-c-3.0.6-3.6 is installed OR mariadb-errormessages-10.2.21-4.8 is installed OR mariadb-galera-10.2.21-4.8 is installed OR mariadb-tools-10.2.21-4.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-haml-4.0.6-3.3 is installed OR rubygem-haml-4.0.6-3.3 is installed
BACK