Oval Definition:	oval:org.opensuse.security:def:55796
Revision Date: 2020-12-01 Version: 1 Title: Security update for tiff (Moderate) Description: This update for tiff fixes the following issues: CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225) * CVE-2016-3186: Buffer overflow in gif2tiff (bnc#973340). * CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat (bsc#987351) * CVE-2016-5316: Out-of-bounds read in PixarLogCleanup() function in tif_pixarlog.c (bsc#984837) * CVE-2016-5314: Out-of-bounds write in PixarLogDecode() function (bsc#984831) * CVE-2016-5317: Out-of-bounds write in PixarLogDecode() function in libtiff.so (bsc#984842) * CVE-2016-5320: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c (bsc#984808) Family: unix Class: patch Status: Reference(s): 1031875 1031877 1031879 1031886 1032880 1044947 1077559 1077568 1077572 1107832 1108963 1110233 1112039 1176262 817120 852367 854367 854370 865222 894361 906574 924960 933288 933878 936227 942865 957566 957567 957598 957600 960837 964225 967087 967812 967814 967815 967964 967965 967966 967967 971741 972127 973340 984808 984831 984837 984842 987351 CVE-2007-6746 CVE-2011-2054 CVE-2013-3829 CVE-2013-4002 CVE-2013-5609 CVE-2013-5610 CVE-2013-5611 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5615 CVE-2013-5616 CVE-2013-5618 CVE-2013-5619 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 CVE-2013-6671 CVE-2013-6672 CVE-2013-6673 CVE-2014-3565 CVE-2014-8964 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-5073 CVE-2015-5174 CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763 CVE-2016-1283 CVE-2016-1523 CVE-2016-3186 CVE-2016-3191 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5875 CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2018-14633 CVE-2018-14634 CVE-2018-17182 CVE-2018-18386 CVE-2018-6196 CVE-2018-6197 CVE-2018-6198 CVE-2019-20916 SUSE-SU-2016:0564-1 SUSE-SU-2016:0769-1 SUSE-SU-2016:2271-1 SUSE-SU-2016:3161-1 SUSE-SU-2017:1093-1 SUSE-SU-2017:1635-1 SUSE-SU-2018:3772-1 SUSE-SU-2019:0776-1 SUSE-SU-2020:2698-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.0 NonFree openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND argyllcms-1.9.2-lp150.2 is installed Definition Synopsis openSUSE Leap 15.0 NonFree is installed AND opera-54.0.2952.41-lp150.2.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information docker-18.09.6_ce-lp151.2.6 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.6 is installed OR docker-test-18.09.6_ce-lp151.2.6 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information java-1_6_0-openjdk-1.6.0.0_b27.1.12.7-0.2 is installed OR java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.7-0.2 is installed OR java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.7-0.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.2.0esr-0.7 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.2.0esr-0.7 is installed OR libfreebl3-3.15.3.1-0.7 is installed OR libfreebl3-32bit-3.15.3.1-0.7 is installed OR libsoftokn3-3.15.3.1-0.7 is installed OR libsoftokn3-32bit-3.15.3.1-0.7 is installed OR mozilla-nss-3.15.3.1-0.7 is installed OR mozilla-nss-32bit-3.15.3.1-0.7 is installed OR mozilla-nss-tools-3.15.3.1-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.6.1esr-34 is installed OR MozillaFirefox-translations-38.6.1esr-34 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libtiff5-4.0.6-26 is installed OR libtiff5-32bit-4.0.6-26 is installed OR tiff-4.0.6-26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND w3m-0.5.3.git20161120-161.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libsoup-2_4-1-2.44.2-1 is installed OR libsoup-2_4-1-32bit-2.44.2-1 is installed OR libsoup-lang-2.44.2-1 is installed OR typelib-1_0-Soup-2_4-2.44.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_93-default-5-2 is installed OR kgraft-patch-3_12_74-60_64_93-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_28-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libdmx1-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.109 is installed OR kernel-default-base-4.4.121-92.109 is installed OR kernel-default-devel-4.4.121-92.109 is installed OR kernel-devel-4.4.121-92.109 is installed OR kernel-macros-4.4.121-92.109 is installed OR kernel-source-4.4.121-92.109 is installed OR kernel-syms-4.4.121-92.109 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-devel-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information qemu-2.6.2-41.43 is installed OR qemu-block-curl-2.6.2-41.43 is installed OR qemu-block-rbd-2.6.2-41.43 is installed OR qemu-block-ssh-2.6.2-41.43 is installed OR qemu-guest-agent-2.6.2-41.43 is installed OR qemu-ipxe-1.0.0-41.43 is installed OR qemu-kvm-2.6.2-41.43 is installed OR qemu-lang-2.6.2-41.43 is installed OR qemu-ppc-2.6.2-41.43 is installed OR qemu-s390-2.6.2-41.43 is installed OR qemu-seabios-1.9.1-41.43 is installed OR qemu-sgabios-8-41.43 is installed OR qemu-tools-2.6.2-41.43 is installed OR qemu-vgabios-1.9.1-41.43 is installed OR qemu-x86-2.6.2-41.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ovmf-2017+git1492060560.b6d11d7c46-4.12 is installed OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.12 is installed OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openvpn-2.3.8-16.17 is installed OR openvpn-auth-pam-plugin-2.3.8-16.17 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND python-pip-10.0.1-11.9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-haml-4.0.6-3.3 is installed OR rubygem-haml-4.0.6-3.3 is installed
BACK