Oval Definition:	oval:org.opensuse.security:def:56826
Revision Date: 2020-12-01 Version: 1 Title: Security update for libcroco (Moderate) Description: This update for libcroco fixes the following issues: Security issues fixed: - CVE-2017-7960: Fixed heap overflow (input: check end of input before reading a byte) (bsc#1034481). - CVE-2017-7961: Fixed undefined behavior (tknzr: support only max long rgb values) (bsc#1034482). - CVE-2017-8834: Fixed denial of service (memory allocation error) via a crafted CSS file (bsc#1043898). - CVE-2017-8871: Fixed denial of service (infinite loop and CPU consumption) via a crafted CSS file (bsc#1043899). Family: unix Class: patch Status: Reference(s): 1000435 1001765 1003813 1005666 1007197 1008557 1008567 1008833 1008876 1008979 1009062 1009969 1010040 1010213 1010294 1010475 1010478 1010501 1010502 1010507 1010612 1010711 1010716 1012060 1012260 1012422 1012917 1012985 1013001 1013038 1013479 1013531 1013540 1013542 1014410 1014746 1016713 1016725 1016961 1017164 1017170 1017410 1017589 1017710 1018100 1019032 1019148 1019260 1019300 1019783 1019851 1020214 1020602 1021258 1021577 1026191 1034481 1034482 1041469 1041894 1043898 1043899 1049703 1052311 1052368 1060354 1060355 1060360 1060361 1060362 1060364 1061204 1064786 1065464 1066489 1068565 1073210 1075812 1078436 1082216 1082233 1082234 1091551 1092697 1094767 1096515 1096718 1107343 1108771 1108986 1109363 1109465 1110506 1110507 1111622 1122668 1123053 1123886 1126088 1126428 1129729 1132666 1136035 1138676 1143215 1152916 1155089 1160594 1160764 1161779 1163922 1176756 1177872 703591 839074 856380 857131 857394 858727 880984 893359 921338 921778 922052 922056 923036 923037 924381 936923 938963 954374 956159 960506 961305 970293 972993 976340 980560 981709 982210 982211 982251 983087 983348 984194 984419 985850 987173 987192 987576 987857 990074 990384 991273 993739 996269 997807 999101 CVE-2011-2709 CVE-2012-6711 CVE-2015-8605 CVE-2015-8962 CVE-2015-8963 CVE-2015-8964 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-10088 CVE-2016-3425 CVE-2016-3427 CVE-2016-7167 CVE-2016-7796 CVE-2016-7910 CVE-2016-7911 CVE-2016-7913 CVE-2016-7914 CVE-2016-8399 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8633 CVE-2016-8645 CVE-2016-9083 CVE-2016-9084 CVE-2016-9756 CVE-2016-9793 CVE-2016-9806 CVE-2017-1000112 CVE-2017-1002201 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 CVE-2017-16541 CVE-2017-2583 CVE-2017-2584 CVE-2017-5551 CVE-2017-7960 CVE-2017-7961 CVE-2017-8834 CVE-2017-8871 CVE-2018-12015 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12381 CVE-2018-12383 CVE-2018-12385 CVE-2018-12386 CVE-2018-12387 CVE-2018-18074 CVE-2018-6797 CVE-2018-6798 CVE-2018-6913 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2020-15683 CVE-2020-15969 CVE-2020-8013 SUSE-SU-2016:0541-1 SUSE-SU-2016:1250-1 SUSE-SU-2016:2476-1 SUSE-SU-2017:0464-1 SUSE-SU-2017:2423-1 SUSE-SU-2017:2618-1 SUSE-SU-2018:1972-1 SUSE-SU-2018:3591-2 SUSE-SU-2019:1468-1 SUSE-SU-2019:2976-1 SUSE-SU-2019:3270-1 SUSE-SU-2020:0545-1 SUSE-SU-2020:0555-1 SUSE-SU-2020:3053-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cracklib-2.9.6-lp150.2 is installed OR libcrack2-2.9.6-lp150.2 is installed OR libcrack2-32bit-2.9.6-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.4 is installed OR kernel-debug-base-4.12.14-lp151.28.4 is installed OR kernel-debug-devel-4.12.14-lp151.28.4 is installed OR kernel-default-4.12.14-lp151.28.4 is installed OR kernel-default-base-4.12.14-lp151.28.4 is installed OR kernel-default-devel-4.12.14-lp151.28.4 is installed OR kernel-devel-4.12.14-lp151.28.4 is installed OR kernel-docs-4.12.14-lp151.28.4 is installed OR kernel-docs-html-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed OR kernel-macros-4.12.14-lp151.28.4 is installed OR kernel-obs-build-4.12.14-lp151.28.4 is installed OR kernel-obs-qa-4.12.14-lp151.28.4 is installed OR kernel-source-4.12.14-lp151.28.4 is installed OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed OR kernel-syms-4.12.14-lp151.28.4 is installed OR kernel-vanilla-4.12.14-lp151.28.4 is installed OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-65.0.3467.62-lp151.2.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libcroco-0.6.11-12.3 is installed OR libcroco-0_6-3-0.6.11-12.3 is installed OR libcroco-0_6-3-32bit-0.6.11-12.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libgudev-1_0-0-210-114 is installed OR libgudev-1_0-0-32bit-210-114 is installed OR libudev1-210-114 is installed OR libudev1-32bit-210-114 is installed OR systemd-210-114 is installed OR systemd-32bit-210-114 is installed OR systemd-bash-completion-210-114 is installed OR systemd-sysvinit-210-114 is installed OR udev-210-114 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-8-2 is installed OR kgraft-patch-3_12_67-60_64_24-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_11-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information curl-7.37.0-31 is installed OR libcurl4-7.37.0-31 is installed OR libcurl4-32bit-7.37.0-31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libmysqlclient18-10.0.35-29.20 is installed OR libmysqlclient18-32bit-10.0.35-29.20 is installed OR mariadb-10.0.35-29.20 is installed OR mariadb-client-10.0.35-29.20 is installed OR mariadb-errormessages-10.0.35-29.20 is installed OR mariadb-tools-10.0.35-29.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libecpg6-9.6.3-2 is installed OR libpq5-9.6.3-2 is installed OR libpq5-32bit-9.6.3-2 is installed OR postgresql96-9.6.3-2 is installed OR postgresql96-contrib-9.6.3-2 is installed OR postgresql96-docs-9.6.3-2 is installed OR postgresql96-server-9.6.3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.121 is installed OR kernel-default-base-4.4.180-94.121 is installed OR kernel-default-devel-4.4.180-94.121 is installed OR kernel-default-kgraft-4.4.180-94.121 is installed OR kernel-default-man-4.4.180-94.121 is installed OR kernel-devel-4.4.180-94.121 is installed OR kernel-macros-4.4.180-94.121 is installed OR kernel-source-4.4.180-94.121 is installed OR kernel-syms-4.4.180-94.121 is installed OR kgraft-patch-4_4_180-94_121-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_32-1-4.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libraptor2-0-2.0.10-3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information dnsmasq-2.78-18.3 is installed OR dnsmasq-utils-2.78-18.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
BACK