OVAL Reference oval:org.opensuse.security:def:56638

Oval Definition:

oval:org.opensuse.security:def:56638

Revision Date:	2020-12-01	Version:	1
Title:	Security update for exempi (Moderate)
Description:	This update for exempi fixes the following security issues: - CVE-2017-18233: Prevent integer overflow in the Chunk class that allowed remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file (bsc#1085584). - CVE-2017-18238: The TradQT_Manager::ParseCachedBoxes function allowed remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file (bsc#1085583). - CVE-2018-7728: Fixed heap-based buffer overflow, which allowed denial of service via crafted TIFF image (bsc#1085297). - CVE-2018-7730: Fixed heap-based buffer overflow in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp (bsc#1085295). - CVE-2017-18236: The ASF_Support::ReadHeaderObject function allowed remote attackers to cause a denial of service (infinite loop) via a crafted .asf file (bsc#1085589). - CVE-2017-18234: Prevent use-after-free that allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a .pdf file containing JPEG data (bsc#1085585).
Family:	unix	Class:	patch
Status:		Reference(s):	1010470 1012260 1012382 1019074 1021577 1026191 1038564 1041469 1041894 1042892 1045330 1049703 1052286 1052311 1052368 1055755 1061204 1062568 1063416 1064786 1065464 1066001 1066489 1067118 1068032 1072689 1072865 1073210 1074488 1075617 1075621 1076366 1077182 1077560 1077779 1078436 1078669 1078672 1078673 1078674 1080255 1080287 1080464 1080757 1081512 1082299 1083244 1083483 1083494 1083640 1084323 1085107 1085114 1085295 1085297 1085447 1085583 1085584 1085585 1085589 1091551 1092697 1094767 1096515 1097158 1097748 1105019 1106515 1107343 1108033 1108771 1108986 1109363 1109465 1110506 1110507 1115960 1118159 1118900 1120657 1122706 1127558 1128954 1128987 1131053 1131961 1132860 1133719 1133722 1136784 1143475 1145796 1145867 1148383 1148987 1150895 1152916 1153332 1160467 1160468 703591 839074 857131 865241 893359 941939 955131 966682 976777 CVE-2013-0157 CVE-2013-7447 CVE-2014-9114 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-5218 CVE-2016-10127 CVE-2016-3697 CVE-2016-5011 CVE-2016-7915 CVE-2017-1000112 CVE-2017-12190 CVE-2017-13166 CVE-2017-15299 CVE-2017-16541 CVE-2017-16644 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18204 CVE-2017-18208 CVE-2017-18221 CVE-2017-18233 CVE-2017-18234 CVE-2017-18236 CVE-2017-18238 CVE-2017-8890 CVE-2017-9242 CVE-2018-0732 CVE-2018-1066 CVE-2018-1068 CVE-2018-12115 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12381 CVE-2018-12383 CVE-2018-12385 CVE-2018-12386 CVE-2018-12387 CVE-2018-15727 CVE-2018-16301 CVE-2018-19039 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-5332 CVE-2018-5333 CVE-2018-558213 CVE-2018-6927 CVE-2018-7566 CVE-2018-7728 CVE-2018-7730 CVE-2019-13627 CVE-2019-14896 CVE-2019-14897 CVE-2019-15043 CVE-2019-15165 CVE-2019-3813 CVE-2019-5477 SUSE-SU-2015:2168-2 SUSE-SU-2016:1159-1 SUSE-SU-2016:2550-1 SUSE-SU-2017:2448-1 SUSE-SU-2018:0663-1 SUSE-SU-2018:0848-1 SUSE-SU-2018:2796-1 SUSE-SU-2018:3389-1 SUSE-SU-2018:3591-1 SUSE-SU-2019:0230-1 SUSE-SU-2019:2510-1 SUSE-SU-2019:2669-1 SUSE-SU-2019:2671-1 SUSE-SU-2020:0204-1 SUSE-SU-403
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information groff-1.22.3-lp150.3 is installed OR groff-full-1.22.3-lp150.3 is installed OR gxditview-1.22.3-lp150.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information exempi-2.2.1-5.7 is installed OR libexempi3-2.2.1-5.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.20-18 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.20-18 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.20-18 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.20-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_57-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_57-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_20-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libblkid1-2.28-40 is installed OR libblkid1-32bit-2.28-40 is installed OR libfdisk1-2.28-40 is installed OR libmount1-2.28-40 is installed OR libmount1-32bit-2.28-40 is installed OR libsmartcols1-2.28-40 is installed OR libuuid1-2.28-40 is installed OR libuuid1-32bit-2.28-40 is installed OR python-libmount-2.28-40 is installed OR util-linux-2.28-40 is installed OR util-linux-lang-2.28-40 is installed OR util-linux-systemd-2.28-40 is installed OR uuidd-2.28-40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND wpa_supplicant-2.6-15.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND ucode-intel-20180425-13.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information freeradius-server-3.0.14-1 is installed OR freeradius-server-doc-3.0.14-1 is installed OR freeradius-server-krb5-3.0.14-1 is installed OR freeradius-server-ldap-3.0.14-1 is installed OR freeradius-server-libs-3.0.14-1 is installed OR freeradius-server-mysql-3.0.14-1 is installed OR freeradius-server-perl-3.0.14-1 is installed OR freeradius-server-postgresql-3.0.14-1 is installed OR freeradius-server-python-3.0.14-1 is installed OR freeradius-server-sqlite-3.0.14-1 is installed OR freeradius-server-utils-3.0.14-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information python-certifi-2018.4.16-3.6 is installed OR python-chardet-3.0.4-5.6 is installed OR python-urllib3-1.22-3.20 is installed OR python3-certifi-2018.4.16-3.6 is installed OR python3-chardet-3.0.4-5.6 is installed OR python3-requests-2.20.1-5 is installed OR python3-urllib3-1.22-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cyrus-sasl-2.1.26-8.7 is installed OR cyrus-sasl-32bit-2.1.26-8.7 is installed OR cyrus-sasl-crammd5-2.1.26-8.7 is installed OR cyrus-sasl-crammd5-32bit-2.1.26-8.7 is installed OR cyrus-sasl-digestmd5-2.1.26-8.7 is installed OR cyrus-sasl-gssapi-2.1.26-8.7 is installed OR cyrus-sasl-gssapi-32bit-2.1.26-8.7 is installed OR cyrus-sasl-otp-2.1.26-8.7 is installed OR cyrus-sasl-otp-32bit-2.1.26-8.7 is installed OR cyrus-sasl-plain-2.1.26-8.7 is installed OR cyrus-sasl-plain-32bit-2.1.26-8.7 is installed OR cyrus-sasl-saslauthd-2.1.26-8.7 is installed OR cyrus-sasl-sqlauxprop-2.1.26-8.7 is installed OR cyrus-sasl-sqlauxprop-32bit-2.1.26-8.7 is installed OR libsasl2-3-2.1.26-8.7 is installed OR libsasl2-3-32bit-2.1.26-8.7 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND docker-1.10.3-66 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND nodejs6-6.14.4-11.18 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed

BACK