Oval Definition:	oval:org.opensuse.security:def:56200
Revision Date: 2020-12-01 Version: 1 Title: Security update for libwpd (Important) Description: This update for libwpd fixes the following issues: Security issue fixed: - CVE-2017-14226: WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application. (bnc#1058025) Bugfixes: - Fix various crashes, leaks and hangs when reading damaged files found by oss-fuzz. - Fix crash when NULL is passed as input stream. - Use symbol visibility on Linux. The library only exports public functions now. - Avoid infinite loop. (libwpd#3) - Remove bashism. (libwpd#5) - Fix various crashes and hangs when reading broken files found with the help of american-fuzzy-lop. - Make --help output of all command line tools more help2man-friendly. - Miscellaneous fixes and cleanups. - Generate manpages for the libwpd-tools Family: unix Class: patch Status: Reference(s): 1009280 1017646 1024041 1024047 1024076 1024079 1045327 1057950 1058025 1111789 1112039 1123022 1130116 952099 952871 957812 958791 963415 967787 968046 968047 968048 968051 968053 968374 CVE-2008-1420 CVE-2009-3379 CVE-2011-1526 CVE-2011-2186 CVE-2011-3563 CVE-2011-3571 CVE-2011-4862 CVE-2011-5035 CVE-2012-0444 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0547 CVE-2012-1682 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-3174 CVE-2012-3216 CVE-2012-4416 CVE-2012-4681 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 CVE-2013-0169 CVE-2013-0401 CVE-2013-0422 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0450 CVE-2013-0809 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1488 CVE-2013-1493 CVE-2013-1500 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1569 CVE-2013-1571 CVE-2013-1667 CVE-2013-2186 CVE-2013-2383 CVE-2013-2384 CVE-2013-2407 CVE-2013-2412 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2423 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431 CVE-2013-2436 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5800 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5805 CVE-2013-5806 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851 CVE-2013-5878 CVE-2013-5884 CVE-2013-5893 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2013-6629 CVE-2013-6954 CVE-2014-0050 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0408 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454 CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403 CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427 CVE-2014-2483 CVE-2014-2490 CVE-2014-3566 CVE-2014-3641 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4266 CVE-2014-4268 CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2014-7230 CVE-2014-7231 CVE-2014-9390 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-3195 CVE-2015-3197 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 CVE-2015-7575 CVE-2015-8126 CVE-2015-8472 CVE-2015-8540 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2016-0636 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-0702 CVE-2016-0703 CVE-2016-0705 CVE-2016-0797 CVE-2016-0799 CVE-2016-0800 CVE-2016-10087 CVE-2016-2315 CVE-2016-2324 CVE-2016-3425 CVE-2016-3427 CVE-2016-3458 CVE-2016-3485 CVE-2016-3498 CVE-2016-3500 CVE-2016-3503 CVE-2016-3508 CVE-2016-3511 CVE-2016-3550 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5597 CVE-2017-1000251 CVE-2017-14226 CVE-2017-15274 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 CVE-2018-18386 CVE-2019-3814 CVE-2019-7524 SUSE-SU-2015:2251-1 SUSE-SU-2016:0624-1 SUSE-SU-2016:3078-1 SUSE-SU-2017:0950-1 SUSE-SU-2017:1041-1 SUSE-SU-2017:2779-1 SUSE-SU-2017:2931-1 SUSE-SU-2019:0900-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information alsa-1.1.5-lp150.4 is installed OR libasound2-1.1.5-lp150.4 is installed OR libasound2-32bit-1.1.5-lp150.4 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.2-lp151.2.3 is installed OR libjavascriptcoregtk-4_0-18-32bit-2.24.2-lp151.2.3 is installed OR libwebkit2gtk-4_0-37-2.24.2-lp151.2.3 is installed OR libwebkit2gtk-4_0-37-32bit-2.24.2-lp151.2.3 is installed OR libwebkit2gtk3-lang-2.24.2-lp151.2.3 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.2-lp151.2.3 is installed OR typelib-1_0-WebKit2-4_0-2.24.2-lp151.2.3 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.24.2-lp151.2.3 is installed OR webkit-jsc-4-2.24.2-lp151.2.3 is installed OR webkit2gtk-4_0-injected-bundles-2.24.2-lp151.2.3 is installed OR webkit2gtk3-2.24.2-lp151.2.3 is installed OR webkit2gtk3-devel-2.24.2-lp151.2.3 is installed OR webkit2gtk3-minibrowser-2.24.2-lp151.2.3 is installed OR webkit2gtk3-plugin-process-gtk2-2.24.2-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libwpd-0.10.2-2.4 is installed OR libwpd-0_10-10-0.10.2-2.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND apache2-mod_perl-2.0.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-10-4 is installed OR kgraft-patch-3_12_67-60_64_21-xen-10-4 is installed OR kgraft-patch-SLE12-SP1_Update_10-10-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND git-core-1.8.5.6-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p12-64.8 is installed OR ntp-doc-4.2.8p12-64.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libmspack0-0.4-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsnmp30-5.7.3-6.3 is installed OR libsnmp30-32bit-5.7.3-6.3 is installed OR net-snmp-5.7.3-6.3 is installed OR perl-SNMP-5.7.3-6.3 is installed OR snmp-mibs-5.7.3-6.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libssh2-1-1.4.3-19 is installed OR libssh2-1-32bit-1.4.3-19 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-cinder-7.0.2~a0~dev1-1 is installed OR openstack-cinder-api-7.0.2~a0~dev1-1 is installed OR openstack-cinder-backup-7.0.2~a0~dev1-1 is installed OR openstack-cinder-scheduler-7.0.2~a0~dev1-1 is installed OR openstack-cinder-volume-7.0.2~a0~dev1-1 is installed OR python-cinder-7.0.2~a0~dev1-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND yast2-smt-3.0.14-17.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information galera-3-25.3.24-4.3 is installed OR galera-3-wsrep-provider-25.3.24-4.3 is installed OR libmariadb3-3.0.6-3.6 is installed OR mariadb-10.2.21-4.8 is installed OR mariadb-client-10.2.21-4.8 is installed OR mariadb-connector-c-3.0.6-3.6 is installed OR mariadb-errormessages-10.2.21-4.8 is installed OR mariadb-galera-10.2.21-4.8 is installed OR mariadb-tools-10.2.21-4.8 is installed
BACK