Oval Definition:	oval:org.opensuse.security:def:56405
Revision Date: 2020-12-01 Version: 1 Title: Security update for tiff (Important) Description: This update for tiff to version 4.0.9 fixes the following issues: Security issues fixed: - CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools (bsc#969783). - CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField (bsc#960341). - CVE-2016-10095: Fix stack-based buffer overflow in _TIFFVGetField (tif_dir.c) (bsc#1017690). - CVE-2016-5318: Fix stackoverflow in thumbnail (bsc#983436). - CVE-2017-16232: Fix memory-based DoS in tiff2bw (bsc#1069213). Family: unix Class: patch Status: Reference(s): 1004221 1017690 1054724 1055587 1056291 1056334 1057378 1057585 1057966 1062069 1062942 1063122 1069213 1070162 1081557 1096564 1097108 1099306 1119947 960341 969783 983436 986971 CVE-2007-4772 CVE-2007-6600 CVE-2009-1210 CVE-2009-1267 CVE-2009-1268 CVE-2009-1269 CVE-2009-3241 CVE-2009-3242 CVE-2009-3243 CVE-2009-4034 CVE-2009-4136 CVE-2010-1169 CVE-2010-1170 CVE-2010-1455 CVE-2010-2993 CVE-2010-3433 CVE-2010-3445 CVE-2010-4300 CVE-2010-4301 CVE-2010-4538 CVE-2011-0024 CVE-2011-0538 CVE-2011-0713 CVE-2011-1138 CVE-2011-1139 CVE-2011-1140 CVE-2011-1143 CVE-2011-1590 CVE-2011-1591 CVE-2011-1592 CVE-2011-1957 CVE-2011-1958 CVE-2011-1959 CVE-2011-2174 CVE-2011-2175 CVE-2011-2597 CVE-2011-2698 CVE-2011-3266 CVE-2011-3360 CVE-2011-3483 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 CVE-2012-2143 CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-2655 CVE-2012-2738 CVE-2012-3488 CVE-2012-3489 CVE-2012-3548 CVE-2012-4048 CVE-2012-4049 CVE-2012-4285 CVE-2012-4286 CVE-2012-4287 CVE-2012-4288 CVE-2012-4289 CVE-2012-4290 CVE-2012-4291 CVE-2012-4292 CVE-2012-4293 CVE-2012-4294 CVE-2012-4295 CVE-2012-4296 CVE-2012-4297 CVE-2012-4298 CVE-2012-5237 CVE-2012-5238 CVE-2012-5239 CVE-2012-5240 CVE-2012-5592 CVE-2012-5593 CVE-2012-5594 CVE-2012-5595 CVE-2012-5596 CVE-2012-5597 CVE-2012-5598 CVE-2012-5599 CVE-2012-5600 CVE-2012-5601 CVE-2012-5602 CVE-2012-5643 CVE-2013-0255 CVE-2013-1572 CVE-2013-1573 CVE-2013-1574 CVE-2013-1575 CVE-2013-1576 CVE-2013-1577 CVE-2013-1578 CVE-2013-1579 CVE-2013-1580 CVE-2013-1581 CVE-2013-1582 CVE-2013-1583 CVE-2013-1584 CVE-2013-1585 CVE-2013-1586 CVE-2013-1587 CVE-2013-1588 CVE-2013-1589 CVE-2013-1590 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 CVE-2013-3555 CVE-2013-3556 CVE-2013-3557 CVE-2013-3558 CVE-2013-3559 CVE-2013-3560 CVE-2013-3561 CVE-2013-3562 CVE-2013-4083 CVE-2013-4920 CVE-2013-4921 CVE-2013-4922 CVE-2013-4923 CVE-2013-4924 CVE-2013-4925 CVE-2013-4926 CVE-2013-4927 CVE-2013-4928 CVE-2013-4929 CVE-2013-4930 CVE-2013-4931 CVE-2013-4932 CVE-2013-4933 CVE-2013-4934 CVE-2013-4935 CVE-2013-4936 CVE-2013-5717 CVE-2013-5718 CVE-2013-5719 CVE-2013-5720 CVE-2013-5721 CVE-2013-5722 CVE-2013-6336 CVE-2013-6337 CVE-2013-6338 CVE-2013-6339 CVE-2013-6340 CVE-2013-7112 CVE-2013-7113 CVE-2013-7114 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-2281 CVE-2014-2282 CVE-2014-2283 CVE-2014-2299 CVE-2014-2907 CVE-2014-3686 CVE-2014-4020 CVE-2014-4038 CVE-2014-4039 CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 CVE-2014-7141 CVE-2014-7142 CVE-2014-8128 CVE-2014-9749 CVE-2015-0210 CVE-2015-0559 CVE-2015-0560 CVE-2015-0561 CVE-2015-0562 CVE-2015-0563 CVE-2015-0564 CVE-2015-1863 CVE-2015-2188 CVE-2015-2189 CVE-2015-2191 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-5130 CVE-2015-5288 CVE-2015-5289 CVE-2015-5310 CVE-2015-5400 CVE-2015-7514 CVE-2015-7554 CVE-2015-7830 CVE-2015-8041 CVE-2015-8711 CVE-2015-8712 CVE-2015-8713 CVE-2015-8714 CVE-2015-8715 CVE-2015-8716 CVE-2015-8717 CVE-2015-8718 CVE-2015-8719 CVE-2015-8720 CVE-2015-8721 CVE-2015-8722 CVE-2015-8723 CVE-2015-8724 CVE-2015-8725 CVE-2015-8726 CVE-2015-8727 CVE-2015-8728 CVE-2015-8729 CVE-2015-8730 CVE-2015-8731 CVE-2015-8732 CVE-2015-8733 CVE-2016-0766 CVE-2016-0773 CVE-2016-10095 CVE-2016-10165 CVE-2016-2390 CVE-2016-2523 CVE-2016-2530 CVE-2016-2531 CVE-2016-2532 CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 CVE-2016-3947 CVE-2016-3948 CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 CVE-2016-5318 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359 CVE-2016-5423 CVE-2016-5424 CVE-2016-5746 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2016-8605 CVE-2016-9841 CVE-2017-10281 CVE-2017-10285 CVE-2017-10293 CVE-2017-10295 CVE-2017-10309 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-10911 CVE-2017-11600 CVE-2017-12809 CVE-2017-13672 CVE-2017-13711 CVE-2017-14167 CVE-2017-15038 CVE-2017-15268 CVE-2017-15289 CVE-2017-16232 CVE-2017-18190 CVE-2018-10853 CVE-2018-16884 CVE-2018-3646 SUSE-SU-2016:2189-1 SUSE-SU-2017:0398-1 SUSE-SU-2017:2924-1 SUSE-SU-2017:3411-1 SUSE-SU-2018:0073-1 SUSE-SU-2018:0604-1 SUSE-SU-2018:2355-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kdelibs4-4.14.38-lp150.5 is installed OR kdelibs4-branding-upstream-4.14.38-lp150.5 is installed OR kdelibs4-core-4.14.38-lp150.5 is installed OR libkde4-4.14.38-lp150.5 is installed OR libkdecore4-4.14.38-lp150.5 is installed OR libksuseinstall1-4.14.38-lp150.5 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information apache-commons-beanutils-1.9.2-lp151.3.3 is installed OR apache-commons-beanutils-javadoc-1.9.2-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-67.0.3575.97-lp151.2.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libtiff5-4.0.9-44.7 is installed OR libtiff5-32bit-4.0.9-44.7 is installed OR tiff-4.0.9-44.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information qemu-2.9.1-6.6 is installed OR qemu-block-curl-2.9.1-6.6 is installed OR qemu-ipxe-1.0.0-6.6 is installed OR qemu-kvm-2.9.1-6.6 is installed OR qemu-seabios-1.10.2-6.6 is installed OR qemu-sgabios-8-6.6 is installed OR qemu-tools-2.9.1-6.6 is installed OR qemu-vgabios-1.10.2-6.6 is installed OR qemu-x86-2.9.1-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libXi6-1.7.4-9 is installed OR libXi6-32bit-1.7.4-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_57-default-11-2 is installed OR kgraft-patch-3_12_74-60_64_57-xen-11-2 is installed OR kgraft-patch-SLE12-SP1_Update_20-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libecpg6-9.4.9-14 is installed OR libpq5-9.4.9-14 is installed OR libpq5-32bit-9.4.9-14 is installed OR postgresql94-9.4.9-14 is installed OR postgresql94-contrib-9.4.9-14 is installed OR postgresql94-docs-9.4.9-14 is installed OR postgresql94-server-9.4.9-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_104-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_28-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND chrony-2.3-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_140-94_42-default-10-2 is installed OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dhcp-4.3.3-10.14 is installed OR dhcp-client-4.3.3-10.14 is installed OR dhcp-relay-4.3.3-10.14 is installed OR dhcp-server-4.3.3-10.14 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information openstack-ironic-4.2.3~a0~dev14-1 is installed OR openstack-ironic-api-4.2.3~a0~dev14-1 is installed OR openstack-ironic-conductor-4.2.3~a0~dev14-1 is installed OR python-ironic-4.2.3~a0~dev14-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.6_06-43.51 is installed OR xen-doc-html-4.7.6_06-43.51 is installed OR xen-libs-4.7.6_06-43.51 is installed OR xen-libs-32bit-4.7.6_06-43.51 is installed OR xen-tools-4.7.6_06-43.51 is installed OR xen-tools-domU-4.7.6_06-43.51 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-actionpack-4_2-4.2.9-7.6 is installed OR rubygem-actionpack-4_2-4.2.9-7.6 is installed
BACK