Oval Definition:	oval:org.opensuse.security:def:56674
Revision Date: 2020-12-01 Version: 1 Title: Security update for freetype2 (Important) Description: This update for freetype2 fixes the following security issues: - CVE-2016-10244: Make sure that the parse_charstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a crafted file (bsc#1028103) - CVE-2017-8105: Fix an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.ca (bsc#1035807) - CVE-2017-8287: an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c (bsc#1036457) - Fix several integer overflow issues in truetype/ttinterp.c (bsc#1079600) Family: unix Class: patch Status: Reference(s): 1021669 1028103 1032647 1035807 1036457 1052009 1061041 1064069 1064070 1064071 1064072 1064073 1064075 1064077 1064078 1064079 1064080 1064081 1064082 1064083 1064084 1064085 1064086 1065641 1068032 1079600 1079798 1079799 1079800 1079801 1082216 1082233 1082234 1084878 1092100 1092497 1106913 1109105 1109673 1111479 1111480 1112229 1117022 1117274 1117313 1117327 1117331 1117665 1121753 1135966 1135967 1137865 1139550 1140671 1141054 1144338 1144903 1145477 1146285 1146361 1146378 1146391 1146413 1146425 1146512 1146514 1146516 1146519 1146584 1147122 1148394 1148938 1149376 1149522 1149527 1149555 1149612 1149849 1150025 1150112 1150223 1150452 1150457 1150465 1150466 1151347 1151350 1152685 1152782 1152788 1153158 1153161 1154372 1155671 1155898 1156187 1156334 1159913 1165631 906574 924960 933288 933878 936227 942865 952062 957566 957567 957598 957600 960837 971741 972127 980670 989196 990628 990856 991809 CVE-2014-4607 CVE-2014-8964 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-5073 CVE-2015-8025 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2016-10165 CVE-2016-10244 CVE-2016-10906 CVE-2016-1283 CVE-2016-1602 CVE-2016-2830 CVE-2016-2835 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838 CVE-2016-2839 CVE-2016-3191 CVE-2016-5252 CVE-2016-5254 CVE-2016-5258 CVE-2016-5259 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265 CVE-2016-6354 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-14867 CVE-2017-16227 CVE-2017-18509 CVE-2017-18595 CVE-2017-5495 CVE-2017-7864 CVE-2017-8105 CVE-2017-8287 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-12207 CVE-2018-17183 CVE-2018-17407 CVE-2018-17961 CVE-2018-18073 CVE-2018-18284 CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 CVE-2018-20976 CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381 CVE-2018-6797 CVE-2018-6798 CVE-2018-6913 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-13272 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-15098 CVE-2019-15211 CVE-2019-15212 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505 CVE-2019-15666 CVE-2019-15807 CVE-2019-15902 CVE-2019-15917 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-16231 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-16995 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18680 CVE-2019-18805 CVE-2019-5108 CVE-2019-9456 CVE-2019-9506 CVE-2020-1749 SUSE-SU-2015:2053-2 SUSE-SU-2016:1507-1 SUSE-SU-2016:2131-1 SUSE-SU-2016:2971-1 SUSE-SU-2017:2747-1 SUSE-SU-2017:2989-1 SUSE-SU-2018:0414-1 SUSE-SU-2018:0455-1 SUSE-SU-2018:1074-1 SUSE-SU-2018:3033-2 SUSE-SU-2018:4090-1 SUSE-SU-2019:0450-1 SUSE-SU-2019:2984-1 SUSE-SU-2019:3237-1 SUSE-SU-2020:0868-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libHX28-3.22-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information irssi-1.1.3-33 is installed OR irssi-devel-1.1.3-33 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information freetype2-2.6.3-7.15 is installed OR ft2demos-2.6.3-7.15 is installed OR libfreetype6-2.6.3-7.15 is installed OR libfreetype6-32bit-2.6.3-7.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information xscreensaver-5.22-7 is installed OR xscreensaver-data-5.22-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.151-27.8 is installed OR java-1_8_0-openjdk-demo-1.8.0.151-27.8 is installed OR java-1_8_0-openjdk-devel-1.8.0.151-27.8 is installed OR java-1_8_0-openjdk-headless-1.8.0.151-27.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information liblzo2-2-2.08-1 is installed OR liblzo2-2-32bit-2.08-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-devel-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information jakarta-commons-fileupload-1.1.1-120 is installed OR jakarta-commons-fileupload-javadoc-1.1.1-120 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gnome-shell-3.20.4-77.17 is installed OR gnome-shell-browser-plugin-3.20.4-77.17 is installed OR gnome-shell-lang-3.20.4-77.17 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information git-2.12.3-27.9 is installed OR git-core-2.12.3-27.9 is installed OR git-doc-2.12.3-27.9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ghostscript-9.26-23.16 is installed OR ghostscript-x11-9.26-23.16 is installed OR libspectre-0.2.7-12.4 is installed OR libspectre1-0.2.7-12.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.5 is installed
BACK