Oval Definition:oval:org.opensuse.security:def:56645
Revision Date:2020-12-01Version:1
Title:Security update for lcms2 (Moderate)
Description:

This update for lcms2 fixes the following security issues:

- CVE-2016-10165: The Type_MLU_Read function allowed remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggered an out-of-bounds heap read (bsc#1021364). - CVE-2018-16435: A integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. (bsc#1108813) - Ensure that LUT stages match channel count (bsc#1026649). - sanitize input and output channels on MPE profiles (bsc#1026650).
Family:unixClass:patch
Status:Reference(s):1005258
1008846
1021364
1026649
1026650
1037811
1045986
1060445
1061005
1081925
1097560
1108813
1109412
1109413
1109414
1111996
1112039
1112534
1112535
1113247
1113252
1113255
1115034
1116827
1118830
1118831
1120640
1121034
1121035
1121056
1133131
1133232
1139945
1141913
1142772
1145692
1155089
1160968
954204
972468
973786
977043
CVE-2012-2812
CVE-2012-2813
CVE-2012-2814
CVE-2012-2836
CVE-2012-2837
CVE-2012-2840
CVE-2012-2841
CVE-2015-2698
CVE-2016-0636
CVE-2016-10165
CVE-2016-1245
CVE-2016-3076
CVE-2016-9190
CVE-2017-1000368
CVE-2017-1002201
CVE-2017-7793
CVE-2017-7805
CVE-2017-7810
CVE-2017-7814
CVE-2017-7818
CVE-2017-7819
CVE-2017-7823
CVE-2017-7824
CVE-2017-7825
CVE-2018-1000876
CVE-2018-1058
CVE-2018-16435
CVE-2018-17358
CVE-2018-17359
CVE-2018-17360
CVE-2018-17985
CVE-2018-18309
CVE-2018-18386
CVE-2018-18483
CVE-2018-18484
CVE-2018-18605
CVE-2018-18606
CVE-2018-18607
CVE-2018-19931
CVE-2018-19932
CVE-2018-20623
CVE-2018-20651
CVE-2018-20671
CVE-2019-1010180
CVE-2019-12781
CVE-2020-2583
CVE-2020-2590
CVE-2020-2593
CVE-2020-2601
CVE-2020-2604
CVE-2020-2654
CVE-2020-2659
SUSE-SU-2015:2302-1
SUSE-SU-2016:0959-1
SUSE-SU-2016:2618-1
SUSE-SU-2017:1778-1
SUSE-SU-2017:2688-1
SUSE-SU-2018:0756-1
SUSE-SU-2018:1191-1
SUSE-SU-2018:2902-1
SUSE-SU-2018:3545-1
SUSE-SU-2019:2379-1
SUSE-SU-2019:2650-1
SUSE-SU-2019:2914-1
SUSE-SU-2019:2932-1
SUSE-SU-2020:0261-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • guestfs-data-1.38.0-lp150.2 is installed
  • OR libguestfs0-1.38.0-lp150.2 is installed
  • OR virt-v2v-1.38.0-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exim-4.88-lp151.4.3 is installed
  • OR eximon-4.88-lp151.4.3 is installed
  • OR eximstats-html-4.88-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • lcms2-2.7-9.7 is installed
  • OR liblcms2-2-2.7-9.7 is installed
  • OR liblcms2-2-32bit-2.7-9.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • krb5-1.12.1-22 is installed
  • OR krb5-32bit-1.12.1-22 is installed
  • OR krb5-client-1.12.1-22 is installed
  • OR krb5-doc-1.12.1-22 is installed
  • OR krb5-plugin-kdb-ldap-1.12.1-22 is installed
  • OR krb5-plugin-preauth-otp-1.12.1-22 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.1-22 is installed
  • OR krb5-server-1.12.1-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • MozillaFirefox-52.4.0esr-109.6 is installed
  • OR MozillaFirefox-devel-52.4.0esr-109.6 is installed
  • OR MozillaFirefox-translations-52.4.0esr-109.6 is installed
  • OR libfreebl3-3.29.5-58.3 is installed
  • OR libfreebl3-32bit-3.29.5-58.3 is installed
  • OR libfreebl3-hmac-3.29.5-58.3 is installed
  • OR libfreebl3-hmac-32bit-3.29.5-58.3 is installed
  • OR libsoftokn3-3.29.5-58.3 is installed
  • OR libsoftokn3-32bit-3.29.5-58.3 is installed
  • OR libsoftokn3-hmac-3.29.5-58.3 is installed
  • OR libsoftokn3-hmac-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-3.29.5-58.3 is installed
  • OR mozilla-nss-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-certs-3.29.5-58.3 is installed
  • OR mozilla-nss-certs-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-devel-3.29.5-58.3 is installed
  • OR mozilla-nss-sysinit-3.29.5-58.3 is installed
  • OR mozilla-nss-sysinit-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-tools-3.29.5-58.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libexif12-0.6.21-6 is installed
  • OR libexif12-32bit-0.6.21-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libdcerpc-binding0-4.4.2-38.25 is installed
  • OR libdcerpc-binding0-32bit-4.4.2-38.25 is installed
  • OR libdcerpc0-4.4.2-38.25 is installed
  • OR libdcerpc0-32bit-4.4.2-38.25 is installed
  • OR libndr-krb5pac0-4.4.2-38.25 is installed
  • OR libndr-krb5pac0-32bit-4.4.2-38.25 is installed
  • OR libndr-nbt0-4.4.2-38.25 is installed
  • OR libndr-nbt0-32bit-4.4.2-38.25 is installed
  • OR libndr-standard0-4.4.2-38.25 is installed
  • OR libndr-standard0-32bit-4.4.2-38.25 is installed
  • OR libndr0-4.4.2-38.25 is installed
  • OR libndr0-32bit-4.4.2-38.25 is installed
  • OR libnetapi0-4.4.2-38.25 is installed
  • OR libnetapi0-32bit-4.4.2-38.25 is installed
  • OR libsamba-credentials0-4.4.2-38.25 is installed
  • OR libsamba-credentials0-32bit-4.4.2-38.25 is installed
  • OR libsamba-errors0-4.4.2-38.25 is installed
  • OR libsamba-errors0-32bit-4.4.2-38.25 is installed
  • OR libsamba-hostconfig0-4.4.2-38.25 is installed
  • OR libsamba-hostconfig0-32bit-4.4.2-38.25 is installed
  • OR libsamba-passdb0-4.4.2-38.25 is installed
  • OR libsamba-passdb0-32bit-4.4.2-38.25 is installed
  • OR libsamba-util0-4.4.2-38.25 is installed
  • OR libsamba-util0-32bit-4.4.2-38.25 is installed
  • OR libsamdb0-4.4.2-38.25 is installed
  • OR libsamdb0-32bit-4.4.2-38.25 is installed
  • OR libsmbclient0-4.4.2-38.25 is installed
  • OR libsmbclient0-32bit-4.4.2-38.25 is installed
  • OR libsmbconf0-4.4.2-38.25 is installed
  • OR libsmbconf0-32bit-4.4.2-38.25 is installed
  • OR libsmbldap0-4.4.2-38.25 is installed
  • OR libsmbldap0-32bit-4.4.2-38.25 is installed
  • OR libtevent-util0-4.4.2-38.25 is installed
  • OR libtevent-util0-32bit-4.4.2-38.25 is installed
  • OR libwbclient0-4.4.2-38.25 is installed
  • OR libwbclient0-32bit-4.4.2-38.25 is installed
  • OR samba-4.4.2-38.25 is installed
  • OR samba-client-4.4.2-38.25 is installed
  • OR samba-client-32bit-4.4.2-38.25 is installed
  • OR samba-doc-4.4.2-38.25 is installed
  • OR samba-libs-4.4.2-38.25 is installed
  • OR samba-libs-32bit-4.4.2-38.25 is installed
  • OR samba-winbind-4.4.2-38.25 is installed
  • OR samba-winbind-32bit-4.4.2-38.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • ghostscript-9.15-22 is installed
  • OR ghostscript-x11-9.15-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-112.3 is installed
  • OR MozillaFirefox-branding-SLE-78-35.3 is installed
  • OR MozillaFirefox-devel-78.0.1-112.3 is installed
  • OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_143-94_47-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND sudo-1.8.10p3-2.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND yast2-smt-3.0.14-17.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libjpeg-turbo-1.5.3-31.19 is installed
  • OR libjpeg62-62.2.0-31.19 is installed
  • OR libjpeg62-32bit-62.2.0-31.19 is installed
  • OR libjpeg62-turbo-1.5.3-31.19 is installed
  • OR libjpeg8-8.1.2-31.19 is installed
  • OR libjpeg8-32bit-8.1.2-31.19 is installed
  • OR libturbojpeg0-8.1.2-31.19 is installed
    • BACK