Oval Definition:oval:org.opensuse.security:def:56632
Revision Date:2020-12-01Version:1
Title:Security update for jasper (Moderate)
Description:

This update for jasper fixes the following issues:

Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. (bsc#1009994) - CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010975) - CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a denial of service (assertion failure). (bsc#1010968) - CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010774) - CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a denial of service (assertion failure) via a very large integer. (bsc#1010782) - CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial of service. (bsc#1047958)

CVEs already fixed with previous update: - CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010757) - CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010766) - CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010756)
Family:unixClass:patch
Status:Reference(s):1005886
1009994
1010756
1010757
1010766
1010774
1010782
1010968
1010975
1032144
1047958
1052311
1052368
1052916
1073703
1078431
1081518
1083093
1086036
1093898
1096759
1098369
1100097
1103383
1104199
1104202
1123371
1123377
1123378
1140290
1150003
1150250
1171252
1171254
774666
917427
946148
952539
953518
954126
954519
955104
955493
955609
956631
959330
959552
969894
970135
971949
988675
988676
988935
990500
990970
991934
992224
993665
994421
994625
994761
994772
994775
995785
995789
995792
CVE-2013-1991
CVE-2013-2000
CVE-2015-8370
CVE-2016-1950
CVE-2016-1952
CVE-2016-1953
CVE-2016-1954
CVE-2016-1957
CVE-2016-1958
CVE-2016-1960
CVE-2016-1961
CVE-2016-1962
CVE-2016-1964
CVE-2016-1965
CVE-2016-1966
CVE-2016-1974
CVE-2016-1977
CVE-2016-1978
CVE-2016-1979
CVE-2016-2790
CVE-2016-2791
CVE-2016-2792
CVE-2016-2793
CVE-2016-2794
CVE-2016-2795
CVE-2016-2796
CVE-2016-2797
CVE-2016-2798
CVE-2016-2799
CVE-2016-2800
CVE-2016-2801
CVE-2016-2802
CVE-2016-6258
CVE-2016-6259
CVE-2016-6519
CVE-2016-6833
CVE-2016-6834
CVE-2016-6835
CVE-2016-6836
CVE-2016-6888
CVE-2016-7092
CVE-2016-7093
CVE-2016-7094
CVE-2016-8611
CVE-2016-9262
CVE-2016-9388
CVE-2016-9389
CVE-2016-9390
CVE-2016-9391
CVE-2016-9392
CVE-2016-9393
CVE-2016-9394
CVE-2017-1000050
CVE-2017-1000112
CVE-2017-2885
CVE-2017-5950
CVE-2018-10915
CVE-2018-10925
CVE-2018-12910
CVE-2018-16890
CVE-2018-2562
CVE-2018-2612
CVE-2018-2622
CVE-2018-2640
CVE-2018-2665
CVE-2018-2668
CVE-2018-3760
CVE-2019-13173
CVE-2019-1547
CVE-2019-1563
CVE-2019-3822
CVE-2019-3823
CVE-2020-12653
CVE-2020-12654
SUSE-SU-2015:2387-1
SUSE-SU-2016:0727-1
SUSE-SU-2016:2457-1
SUSE-SU-2016:2473-1
SUSE-SU-2017:2441-1
SUSE-SU-2018:0339-1
SUSE-SU-2018:0631-1
SUSE-SU-2018:0697-1
SUSE-SU-2018:2204-2
SUSE-SU-2018:2603-1
SUSE-SU-2018:3377-1
SUSE-SU-2019:0249-1
SUSE-SU-2019:2181-1
SUSE-SU-2019:2397-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gnome-shell-3.26.2+20180130.0d9c74212-lp150.2 is installed
  • OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-lp150.2 is installed
  • OR gnome-shell-lang-3.26.2+20180130.0d9c74212-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • containerd-1.2.5-lp151.2.3 is installed
  • OR containerd-ctr-1.2.5-lp151.2.3 is installed
  • OR containerd-test-1.2.5-lp151.2.3 is installed
  • OR docker-18.09.6_ce-lp151.2.3 is installed
  • OR docker-bash-completion-18.09.6_ce-lp151.2.3 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed
  • OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed
  • OR docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed
  • OR docker-test-18.09.6_ce-lp151.2.3 is installed
  • OR docker-zsh-completion-18.09.6_ce-lp151.2.3 is installed
  • OR go-1.12-lp151.2.3 is installed
  • OR go-doc-1.12-lp151.2.3 is installed
  • OR go-race-1.12-lp151.2.3 is installed
  • OR go1.11-1.11.9-lp151.2.3 is installed
  • OR go1.11-doc-1.11.9-lp151.2.3 is installed
  • OR go1.11-race-1.11.9-lp151.2.3 is installed
  • OR go1.12-1.12.4-lp151.2.3 is installed
  • OR go1.12-doc-1.12.4-lp151.2.3 is installed
  • OR go1.12-race-1.12.4-lp151.2.3 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • jasper-1.900.14-195.5 is installed
  • OR libjasper1-1.900.14-195.5 is installed
  • OR libjasper1-32bit-1.900.14-195.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • grub2-2.02~beta2-73 is installed
  • OR grub2-i386-pc-2.02~beta2-73 is installed
  • OR grub2-powerpc-ieee1275-2.02~beta2-73 is installed
  • OR grub2-s390x-emu-2.02~beta2-73 is installed
  • OR grub2-snapper-plugin-2.02~beta2-73 is installed
  • OR grub2-x86_64-efi-2.02~beta2-73 is installed
  • OR grub2-x86_64-xen-2.02~beta2-73 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_48-default-3-2 is installed
  • OR kgraft-patch-3_12_74-60_64_48-xen-3-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_17-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libXxf86dga1-1.1.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.80 is installed
  • OR kernel-default-base-4.4.121-92.80 is installed
  • OR kernel-default-devel-4.4.121-92.80 is installed
  • OR kernel-devel-4.4.121-92.80 is installed
  • OR kernel-macros-4.4.121-92.80 is installed
  • OR kernel-source-4.4.121-92.80 is installed
  • OR kernel-syms-4.4.121-92.80 is installed
  • OR kgraft-patch-4_4_121-92_80-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-2-2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • eog-3.20.4-7 is installed
  • OR eog-lang-3.20.4-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.10-30.69 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • gcc9-9.2.1+r275327-1.3 is installed
  • OR libasan5-9.2.1+r275327-1.3 is installed
  • OR libasan5-32bit-9.2.1+r275327-1.3 is installed
  • OR libatomic1-9.2.1+r275327-1.3 is installed
  • OR libatomic1-32bit-9.2.1+r275327-1.3 is installed
  • OR libgcc_s1-9.2.1+r275327-1.3 is installed
  • OR libgcc_s1-32bit-9.2.1+r275327-1.3 is installed
  • OR libgfortran5-9.2.1+r275327-1.3 is installed
  • OR libgfortran5-32bit-9.2.1+r275327-1.3 is installed
  • OR libgo14-9.2.1+r275327-1.3 is installed
  • OR libgo14-32bit-9.2.1+r275327-1.3 is installed
  • OR libgomp1-9.2.1+r275327-1.3 is installed
  • OR libgomp1-32bit-9.2.1+r275327-1.3 is installed
  • OR libitm1-9.2.1+r275327-1.3 is installed
  • OR libitm1-32bit-9.2.1+r275327-1.3 is installed
  • OR liblsan0-9.2.1+r275327-1.3 is installed
  • OR libquadmath0-9.2.1+r275327-1.3 is installed
  • OR libquadmath0-32bit-9.2.1+r275327-1.3 is installed
  • OR libstdc++6-9.2.1+r275327-1.3 is installed
  • OR libstdc++6-32bit-9.2.1+r275327-1.3 is installed
  • OR libstdc++6-locale-9.2.1+r275327-1.3 is installed
  • OR libtsan0-9.2.1+r275327-1.3 is installed
  • OR libubsan1-9.2.1+r275327-1.3 is installed
  • OR libubsan1-32bit-9.2.1+r275327-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND ctags-5.8-7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed
  • OR python-horizon-plugin-manila-ui-1.2.1~a0~dev2-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • crowbar-4.0+git.1528801103.f5708341-7.20 is installed
  • OR crowbar-core-4.0+git.1534246408.3ab19c567-9.33 is installed
  • OR crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33 is installed
  • OR crowbar-devel-4.0+git.1528801103.f5708341-7.20 is installed
  • OR crowbar-ha-4.0+git.1533750802.5768e73-4.34 is installed
  • OR crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39 is installed
  • OR crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • BACK