Oval Definition:	oval:org.opensuse.security:def:56025
Revision Date: 2021-06-02 Version: 1 Title: Security update for libwebp (Critical) Description: This update for libwebp fixes the following issues: - CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685). - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691). - CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674). - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652). - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690). - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654). - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686). - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673). - CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247). Family: unix Class: patch Status: Reference(s): 1002991 1021227 1024076 1024079 1029320 1032287 1033783 1034560 1035082 1042146 1043960 1045628 1046024 1048046 1051429 1053532 1055676 1057743 1058173 1059011 1064926 1065109 1066210 1066801 1069468 1069758 1072798 1088268 1090036 1103098 1119947 1124729 1124734 1128378 1185652 1185654 1185673 1185674 1185685 1185686 1185690 1185691 1186247 872796 909474 909475 911837 942628 958324 CVE-2012-2737 CVE-2013-0211 CVE-2014-0595 CVE-2014-8137 CVE-2014-8138 CVE-2015-2304 CVE-2015-5185 CVE-2015-8045 CVE-2015-8047 CVE-2015-8048 CVE-2015-8049 CVE-2015-8050 CVE-2015-8055 CVE-2015-8056 CVE-2015-8057 CVE-2015-8058 CVE-2015-8059 CVE-2015-8060 CVE-2015-8061 CVE-2015-8062 CVE-2015-8063 CVE-2015-8064 CVE-2015-8065 CVE-2015-8066 CVE-2015-8067 CVE-2015-8068 CVE-2015-8069 CVE-2015-8070 CVE-2015-8071 CVE-2015-8401 CVE-2015-8402 CVE-2015-8403 CVE-2015-8404 CVE-2015-8405 CVE-2015-8406 CVE-2015-8407 CVE-2015-8408 CVE-2015-8409 CVE-2015-8410 CVE-2015-8411 CVE-2015-8412 CVE-2015-8413 CVE-2015-8414 CVE-2015-8415 CVE-2015-8416 CVE-2015-8417 CVE-2015-8418 CVE-2015-8419 CVE-2015-8420 CVE-2015-8421 CVE-2015-8422 CVE-2015-8423 CVE-2015-8424 CVE-2015-8425 CVE-2015-8426 CVE-2015-8427 CVE-2015-8428 CVE-2015-8429 CVE-2015-8430 CVE-2015-8431 CVE-2015-8432 CVE-2015-8433 CVE-2015-8434 CVE-2015-8435 CVE-2015-8436 CVE-2015-8437 CVE-2015-8438 CVE-2015-8439 CVE-2015-8440 CVE-2015-8441 CVE-2015-8442 CVE-2015-8443 CVE-2015-8444 CVE-2015-8445 CVE-2015-8446 CVE-2015-8447 CVE-2015-8448 CVE-2015-8449 CVE-2015-8450 CVE-2015-8451 CVE-2015-8452 CVE-2015-8453 CVE-2015-8454 CVE-2015-8455 CVE-2016-10196 CVE-2016-7942 CVE-2017-0861 CVE-2017-1000368 CVE-2017-14992 CVE-2017-16539 CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469 CVE-2017-5470 CVE-2017-5472 CVE-2017-5837 CVE-2017-5844 CVE-2017-7467 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7755 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7761 CVE-2017-7763 CVE-2017-7764 CVE-2017-7765 CVE-2017-7768 CVE-2017-7778 CVE-2018-1000199 CVE-2018-16884 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-5391 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 SUSE-SU-2015:0258-1 SUSE-SU-2015:2218-1 SUSE-SU-2015:2236-1 SUSE-SU-2016:3001-1 SUSE-SU-2017:1012-1 SUSE-SU-2017:1092-1 SUSE-SU-2017:1626-1 SUSE-SU-2017:1669-1 SUSE-SU-2018:0386-1 SUSE-SU-2018:1237-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS-SAP SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libpython2_7-1_0-2.7.14-lp150.5 is installed OR python-base-2.7.14-lp150.5 is installed OR python-xml-2.7.14-lp150.5 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libIlmImf-2_2-23-2.2.1-lp151.4.3 is installed OR libIlmImf-2_2-23-32bit-2.2.1-lp151.4.3 is installed OR libIlmImfUtil-2_2-23-2.2.1-lp151.4.3 is installed OR libIlmImfUtil-2_2-23-32bit-2.2.1-lp151.4.3 is installed OR openexr-2.2.1-lp151.4.3 is installed OR openexr-devel-2.2.1-lp151.4.3 is installed OR openexr-doc-2.2.1-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libjasper-1.900.1-134.17 is installed OR libjasper-32bit-1.900.1-134.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.554-0.29 is installed OR flash-player-gnome-11.2.202.554-0.29 is installed OR flash-player-kde4-11.2.202.554-0.29 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND minicom-2.7-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND sudo-1.8.10p3-10.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-branding-SLE-52-31 is installed OR MozillaFirefox-devel-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180425-13.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information glib2-2.48.2-12.12 is installed OR glib2-lang-2.48.2-12.12 is installed OR glib2-tools-2.48.2-12.12 is installed OR libgio-2_0-0-2.48.2-12.12 is installed OR libgio-2_0-0-32bit-2.48.2-12.12 is installed OR libglib-2_0-0-2.48.2-12.12 is installed OR libglib-2_0-0-32bit-2.48.2-12.12 is installed OR libgmodule-2_0-0-2.48.2-12.12 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.12 is installed OR libgobject-2_0-0-2.48.2-12.12 is installed OR libgobject-2_0-0-32bit-2.48.2-12.12 is installed OR libgthread-2_0-0-2.48.2-12.12 is installed OR libgthread-2_0-0-32bit-2.48.2-12.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed OR libwebkit2gtk3-lang-2.28.2-2.53 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed OR webkit2gtk3-2.28.2-2.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information containerd-0.2.9+gitr706_06b9cb351610-16.8 is installed OR docker-17.09.1_ce-98.8 is installed OR docker-libnetwork-0.7.0.1+gitr2066_7b2b1feb1de4-10 is installed OR docker-runc-1.0.0rc4+gitr3338_3f2f8b84a77f-1.3 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2066_7b2b1feb1de4-10 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-core-branding-upstream-6.0+git.1571412352.8da4d261f-3.13 is installed OR crowbar-openstack-6.0+git.1572264221.3826a58b8-3.13 is installed OR grafana-6.2.5-3.9 is installed OR openstack-cinder-13.0.8~dev8-3.13 is installed OR openstack-cinder-api-13.0.8~dev8-3.13 is installed OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed OR openstack-dashboard-14.0.5~dev1-3.9 is installed OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR openstack-keystone-14.1.1~dev26-3.13 is installed OR openstack-manila-7.3.1~dev15-4.13 is installed OR openstack-manila-api-7.3.1~dev15-4.13 is installed OR openstack-manila-data-7.3.1~dev15-4.13 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed OR openstack-manila-share-7.3.1~dev15-4.13 is installed OR openstack-neutron-13.0.6~dev3-3.13 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-server-13.0.6~dev3-3.13 is installed OR openstack-nova-18.2.4~dev18-3.13 is installed OR openstack-nova-api-18.2.4~dev18-3.13 is installed OR openstack-nova-cells-18.2.4~dev18-3.13 is installed OR openstack-nova-compute-18.2.4~dev18-3.13 is installed OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed OR openstack-nova-console-18.2.4~dev18-3.13 is installed OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed OR openstack-octavia-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-image-0.1.1-7.3 is installed OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed OR openstack-octavia-api-3.2.1~dev1-3.13 is installed OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed OR python-Django1-1.11.24-3.12 is installed OR python-cinder-13.0.8~dev8-3.13 is installed OR python-horizon-14.0.5~dev1-3.9 is installed OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR python-keystone-14.1.1~dev26-3.13 is installed OR python-keystonemiddleware-5.2.1-11 is installed OR python-manila-7.3.1~dev15-4.13 is installed OR python-neutron-13.0.6~dev3-3.13 is installed OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed OR python-nova-18.2.4~dev18-3.13 is installed OR python-octavia-3.2.1~dev1-3.13 is installed OR python-octaviaclient-1.6.1-3.3 is installed OR python-openstack_auth-14.0.5~dev1-3.9 is installed OR python-os-brick-2.5.8-3.6 is installed OR python-os-brick-common-2.5.8-3.6 is installed OR python-oslo.cache-1.30.4-3.3 is installed OR python-oslo.messaging-8.1.4-3.3 is installed
BACK