Oval Definition:	oval:org.opensuse.security:def:56351
Revision Date: 2020-12-01 Version: 1 Title: Security update for libsndfile (Moderate) Description: This update for libsndfile fixes the following issues: - CVE-2017-16942: Divide-by-zero in the function wav_w64_read_fmt_chunk(), which may lead to Denial of service (bsc#1069874). - CVE-2017-6892: Fixed an out-of-bounds read memory access in the aiff_read_chanmap() (bsc#1043978). - CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. (bsc#1059911) - CVE-2017-14245: An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. (bsc#1059912) - CVE-2017-14246: An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.(bsc#1059913) Family: unix Class: patch Status: Reference(s): 1038564 1042892 1043978 1049255 1049621 1052311 1052368 1059911 1059912 1059913 1069874 1083125 1085447 1090368 1090646 1107832 1108963 1110233 1122292 1122299 1141780 1141782 1141783 1141785 1141787 1141789 1147021 1173144 968849 CVE-2009-3627 CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 CVE-2011-1831 CVE-2011-1832 CVE-2011-1833 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836 CVE-2011-1837 CVE-2011-2709 CVE-2012-2451 CVE-2013-7447 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-8080 CVE-2014-8090 CVE-2016-2098 CVE-2017-1000112 CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11410 CVE-2017-11411 CVE-2017-13166 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2017-16942 CVE-2017-6892 CVE-2017-8890 CVE-2017-9242 CVE-2018-11212 CVE-2018-14633 CVE-2018-14634 CVE-2018-17182 CVE-2018-8781 CVE-2018-8897 CVE-2019-11771 CVE-2019-11772 CVE-2019-11775 CVE-2019-2449 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-4473 CVE-2019-7317 CVE-2020-8163 SUSE-SU-2016:0867-1 SUSE-SU-2017:2033-1 SUSE-SU-2017:2447-1 SUSE-SU-2018:0352-1 SUSE-SU-2018:1519-1 SUSE-SU-2019:2371-1 SUSE-SU-2020:2140-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information dhcp-4.3.5-lp150.4 is installed OR dhcp-client-4.3.5-lp150.4 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information mumble-1.2.19-9 is installed OR mumble-32bit-1.2.19-lp151.4.6 is installed OR mumble-server-1.2.19-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libsndfile-1.0.25-36.7 is installed OR libsndfile1-1.0.25-36.7 is installed OR libsndfile1-32bit-1.0.25-36.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libwireshark8-2.2.8-48.6 is installed OR libwiretap6-2.2.8-48.6 is installed OR libwscodecs1-2.2.8-48.6 is installed OR libwsutil7-2.2.8-48.6 is installed OR wireshark-2.2.8-48.6 is installed OR wireshark-gtk-2.2.8-48.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information ecryptfs-utils-103-5 is installed OR ecryptfs-utils-32bit-103-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_51-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_51-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_18-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gtk2-data-2.24.31-7 is installed OR gtk2-lang-2.24.31-7 is installed OR gtk2-tools-2.24.31-7 is installed OR gtk2-tools-32bit-2.24.31-7 is installed OR libgtk-2_0-0-2.24.31-7 is installed OR libgtk-2_0-0-32bit-2.24.31-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND yast2-smt-3.0.14-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.73 is installed OR kernel-default-base-4.4.121-92.73 is installed OR kernel-default-devel-4.4.121-92.73 is installed OR kernel-devel-4.4.121-92.73 is installed OR kernel-macros-4.4.121-92.73 is installed OR kernel-source-4.4.121-92.73 is installed OR kernel-syms-4.4.121-92.73 is installed OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information expat-2.1.0-21.3 is installed OR libexpat1-2.1.0-21.3 is installed OR libexpat1-32bit-2.1.0-21.3 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.2-8 is installed OR rubygem-actionview-4_2-4.2.2-8 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND Package Information ruby2.1-rubygem-actionview-4_2-4.2.9-9.9 is installed OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.6 is installed OR rubygem-actionview-4_2-4.2.9-9.9 is installed OR rubygem-activesupport-4_2-4.2.9-7.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.5 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-haml-4.0.6-3.3 is installed OR rubygem-haml-4.0.6-3.3 is installed
BACK