Oval Definition:oval:org.opensuse.security:def:56159
Revision Date:2020-12-01Version:1
Title:Security update for libraw (Moderate)
Description:

This update for libraw fixes the following issues:

- CVE-2015-3885: A specially crafted raw image file could have caused a Denial of Service through an integer overflow. (bsc#930683)

- CVE-2015-8367: The function phase_one_correct() did not handle memory object initialization correctly, which may have caused some other problems. (bsc#957517)

- CVE-2017-6886: memory corruption in parse_tiff_ifd() func (internal/dcraw_common.cpp) could lead to Denial of service (bsc#1039380)

- CVE-2017-6889: integer overflow error within the 'foveon_load_camf()' function (dcraw_foveon.c) could lead to Denial of service (bsc#1039210)

- CVE-2017-6890: boundary error within the 'foveon_load_camf()' function (dcraw_foveon.c) (bsc#1039209)

Family:unixClass:patch
Status:Reference(s):1000677
1001912
1004499
1005878
1019334
1021641
1022085
1022271
1038564
1039209
1039210
1039379
1039380
1042892
1050751
1060321
1063798
1072385
1082023
1102682
1103203
1105323
1158785
1158787
1158788
1158789
1158790
1158791
1158792
1158793
1158795
777565
867362
873385
883380
884333
886785
891116
894936
903649
915517
917830
917968
919463
920016
920110
920160
920250
920733
921430
923002
923245
923431
924701
925705
925881
925903
926240
926953
927355
928988
929076
929142
929143
930092
930683
930934
931620
932350
932458
932483
932882
933429
933721
933896
933904
933907
933936
934944
935053
935055
935572
935705
935866
935906
936077
936095
936118
936423
936637
936695
936831
936875
936921
936925
937032
937256
937402
937444
937503
937641
937855
938485
938746
939910
939932
939994
940338
940398
940925
940966
942204
942305
942350
942367
942404
942605
942688
942938
943006
943010
943477
945484
945493
947458
950437
957517
960382
962052
CVE-2007-4129
CVE-2009-0793
CVE-2010-1163
CVE-2010-1646
CVE-2011-0010
CVE-2011-1831
CVE-2011-1832
CVE-2011-1833
CVE-2011-1834
CVE-2011-1835
CVE-2011-1836
CVE-2011-1837
CVE-2012-2337
CVE-2013-1775
CVE-2013-1776
CVE-2013-4276
CVE-2014-0172
CVE-2014-9447
CVE-2014-9687
CVE-2014-9687
CVE-2014-9728
CVE-2014-9729
CVE-2014-9730
CVE-2014-9731
CVE-2015-0247
CVE-2015-0777
CVE-2015-1420
CVE-2015-1572
CVE-2015-1805
CVE-2015-2150
CVE-2015-2830
CVE-2015-3885
CVE-2015-4000
CVE-2015-4167
CVE-2015-4700
CVE-2015-5352
CVE-2015-5364
CVE-2015-5366
CVE-2015-5600
CVE-2015-5707
CVE-2015-6252
CVE-2015-6563
CVE-2015-6564
CVE-2015-7830
CVE-2015-8367
CVE-2015-8711
CVE-2015-8712
CVE-2015-8713
CVE-2015-8714
CVE-2015-8715
CVE-2015-8716
CVE-2015-8717
CVE-2015-8718
CVE-2015-8719
CVE-2015-8720
CVE-2015-8721
CVE-2015-8722
CVE-2015-8723
CVE-2015-8724
CVE-2015-8725
CVE-2015-8726
CVE-2015-8727
CVE-2015-8728
CVE-2015-8729
CVE-2015-8730
CVE-2015-8731
CVE-2015-8732
CVE-2015-8733
CVE-2016-1572
CVE-2016-1572
CVE-2016-2108
CVE-2016-7056
CVE-2016-8610
CVE-2017-13735
CVE-2017-14608
CVE-2017-16909
CVE-2017-3731
CVE-2017-6886
CVE-2017-6887
CVE-2017-6889
CVE-2017-6890
CVE-2017-6899
CVE-2017-7533
CVE-2017-8890
CVE-2017-9242
CVE-2018-10902
CVE-2018-5390
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387
CVE-2019-19604
SUSE-SU-2015:1678-1
SUSE-SU-2015:1695-1
SUSE-SU-2016:0110-1
SUSE-SU-2016:0241-1
SUSE-SU-2017:0461-1
SUSE-SU-2017:2090-1
SUSE-SU-2017:2300-1
SUSE-SU-2017:3392-1
SUSE-SU-2019:3311-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND dnsmasq-2.78-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exim-4.88-lp151.4.3 is installed
  • OR eximon-4.88-lp151.4.3 is installed
  • OR eximstats-html-4.88-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND wireshark-1.12.9-0.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • kernel-default-3.0.101-65 is installed
  • OR kernel-default-base-3.0.101-65 is installed
  • OR kernel-default-devel-3.0.101-65 is installed
  • OR kernel-default-extra-3.0.101-65 is installed
  • OR kernel-pae-3.0.101-65 is installed
  • OR kernel-pae-base-3.0.101-65 is installed
  • OR kernel-pae-devel-3.0.101-65 is installed
  • OR kernel-pae-extra-3.0.101-65 is installed
  • OR kernel-source-3.0.101-65 is installed
  • OR kernel-syms-3.0.101-65 is installed
  • OR kernel-trace-3.0.101-65 is installed
  • OR kernel-trace-devel-3.0.101-65 is installed
  • OR kernel-xen-3.0.101-65 is installed
  • OR kernel-xen-base-3.0.101-65 is installed
  • OR kernel-xen-devel-3.0.101-65 is installed
  • OR kernel-xen-extra-3.0.101-65 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libraw-0.15.4-9 is installed
  • OR libraw9-0.15.4-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • elfutils-0.158-6 is installed
  • OR libasm1-0.158-6 is installed
  • OR libasm1-32bit-0.158-6 is installed
  • OR libdw1-0.158-6 is installed
  • OR libdw1-32bit-0.158-6 is installed
  • OR libebl1-0.158-6 is installed
  • OR libebl1-32bit-0.158-6 is installed
  • OR libelf1-0.158-6 is installed
  • OR libelf1-32bit-0.158-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_45-default-3-2 is installed
  • OR kgraft-patch-3_12_74-60_64_45-xen-3-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_16-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND coolkey-1.1.0-147 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libcgroup-tools-0.41.rc1-9 is installed
  • OR libcgroup1-0.41.rc1-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.74 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.74 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.74 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libnetpbm11-10.66.3-7 is installed
  • OR libnetpbm11-32bit-10.66.3-7 is installed
  • OR netpbm-10.66.3-7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libecpg6-10.12-1.18 is installed
  • OR libpq5-10.12-1.18 is installed
  • OR libpq5-32bit-10.12-1.18 is installed
  • OR postgresql10-10.12-1.18 is installed
  • OR postgresql10-contrib-10.12-1.18 is installed
  • OR postgresql10-docs-10.12-1.18 is installed
  • OR postgresql10-libs-10.12-1.18 is installed
  • OR postgresql10-plperl-10.12-1.18 is installed
  • OR postgresql10-plpython-10.12-1.18 is installed
  • OR postgresql10-pltcl-10.12-1.18 is installed
  • OR postgresql10-server-10.12-1.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-urllib3-1.23-3.6 is installed
    • BACK