OVAL Reference oval:org.opensuse.security:def:56285

Oval Definition:

oval:org.opensuse.security:def:56285

Revision Date:	2020-12-01	Version:	1
Title:	Security update for tiff (Important)
Description:	This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to 'WRITE of size 2048' and libtiff/tif_next.c:64:9 (bsc#1031247). - CVE-2016-10271: tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 1' and libtiff/tif_fax3.c:413:13 (bsc#1031249). - CVE-2016-10270: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 8' and libtiff/tif_read.c:523:22 (bsc#1031250). - CVE-2016-10269: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 512' and libtiff/tif_unix.c:340:2 (bsc#1031254). - CVE-2016-10268: tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 78490' and libtiff/tif_unix.c:115:23 (bsc#1031255). - CVE-2016-10267: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8 (bsc#1031262). - CVE-2016-10266: LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. (bsc#1031263).
Family:	unix	Class:	patch
Status:		Reference(s):	1028391 1031247 1031249 1031250 1031254 1031255 1031262 1031263 1032138 1032230 1040643 1050879 1050887 1050888 1050889 1050891 1051184 1051791 1059777 1061076 1061077 1061080 1061081 1061082 1061084 1061086 1061087 1064569 1064580 1064583 1094161 1120489 930189 976844 CVE-2008-4316 CVE-2011-0020 CVE-2011-0064 CVE-2011-2895 CVE-2012-2396 CVE-2012-3524 CVE-2012-5112 CVE-2012-5133 CVE-2013-6462 CVE-2013-7440 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2014-1344 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-1748 CVE-2014-3686 CVE-2015-0210 CVE-2015-1071 CVE-2015-1076 CVE-2015-1081 CVE-2015-1083 CVE-2015-1120 CVE-2015-1122 CVE-2015-1127 CVE-2015-1153 CVE-2015-1155 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-1863 CVE-2015-2330 CVE-2015-3658 CVE-2015-3659 CVE-2015-3727 CVE-2015-3731 CVE-2015-3741 CVE-2015-3743 CVE-2015-3745 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3752 CVE-2015-5788 CVE-2015-5794 CVE-2015-5801 CVE-2015-5809 CVE-2015-5822 CVE-2015-5928 CVE-2015-8868 CVE-2016-10219 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-10317 CVE-2016-2851 CVE-2016-6354 CVE-2017-11714 CVE-2017-12132 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15670 CVE-2017-15671 CVE-2017-15804 CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5409 CVE-2017-5410 CVE-2017-5526 CVE-2017-9216 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 CVE-2018-11236 CVE-2018-20217 SUSE-SU-2015:1651-1 SUSE-SU-2016:1543-1 SUSE-SU-2017:0714-1 SUSE-SU-2017:1044-1 SUSE-SU-2017:2873-1 SUSE-SU-2018:0407-1 SUSE-SU-2018:2185-1 SUSE-SU-2019:0113-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND kdump-0.8.16-lp150.11 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-74.0.3729.157-lp151.2.3 is installed OR chromium-74.0.3729.157-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND python-setuptools-0.6c11-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libtiff5-4.0.7-43 is installed OR libtiff5-32bit-4.0.7-43 is installed OR tiff-4.0.7-43 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information glib2-lang-2.38.2-5 is installed OR glib2-tools-2.38.2-5 is installed OR libgio-2_0-0-2.38.2-5 is installed OR libgio-2_0-0-32bit-2.38.2-5 is installed OR libglib-2_0-0-2.38.2-5 is installed OR libglib-2_0-0-32bit-2.38.2-5 is installed OR libgmodule-2_0-0-2.38.2-5 is installed OR libgmodule-2_0-0-32bit-2.38.2-5 is installed OR libgobject-2_0-0-2.38.2-5 is installed OR libgobject-2_0-0-32bit-2.38.2-5 is installed OR libgthread-2_0-0-2.38.2-5 is installed OR libgthread-2_0-0-32bit-2.38.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information glibc-2.19-40.16 is installed OR glibc-32bit-2.19-40.16 is installed OR glibc-devel-2.19-40.16 is installed OR glibc-devel-32bit-2.19-40.16 is installed OR glibc-html-2.19-40.16 is installed OR glibc-i18ndata-2.19-40.16 is installed OR glibc-info-2.19-40.16 is installed OR glibc-locale-2.19-40.16 is installed OR glibc-locale-32bit-2.19-40.16 is installed OR glibc-profile-2.19-40.16 is installed OR glibc-profile-32bit-2.19-40.16 is installed OR nscd-2.19-40.16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_50-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_15-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information perl-5.18.2-11 is installed OR perl-32bit-5.18.2-11 is installed OR perl-base-5.18.2-11 is installed OR perl-doc-5.18.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gnome-shell-3.20.4-77.23 is installed OR gnome-shell-browser-plugin-3.20.4-77.23 is installed OR gnome-shell-lang-3.20.4-77.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information xen-4.5.5_18-22.31 is installed OR xen-doc-html-4.5.5_18-22.31 is installed OR xen-kmp-default-4.5.5_18_k3.12.74_60.64.60-22.31 is installed OR xen-libs-4.5.5_18-22.31 is installed OR xen-libs-32bit-4.5.5_18-22.31 is installed OR xen-tools-4.5.5_18-22.31 is installed OR xen-tools-domU-4.5.5_18-22.31 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.55-38.44 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed

BACK