Oval Definition:oval:org.opensuse.security:def:56839
Revision Date:2020-12-01Version:1
Title:Security update for netpbm (Moderate)
Description:

This update for netpbm fixes the following issues:

Security issues fixed:

- CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file (bsc#1086777). - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288). - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291).

- create netpbm-vulnerable subpackage and move pstopnm there (bsc#1136936)

Family:unixClass:patch
Status:Reference(s):1005480
1005544
1005893
1006221
1016366
1016369
1024288
1024291
1057389
1077717
1086777
1090338
1095735
1096740
1111151
1115099
1115929
1116437
1123054
1136936
1153108
1155094
1156334
1156669
1160878
1160883
1160895
1160912
1162224
1162367
1162388
1162825
1163102
1163103
1163104
1165894
965803
965807
965810
977012
CVE-2011-1831
CVE-2011-1832
CVE-2011-1833
CVE-2011-1834
CVE-2011-1835
CVE-2011-1836
CVE-2011-1837
CVE-2014-9092
CVE-2014-9687
CVE-2016-10009
CVE-2016-10011
CVE-2016-1521
CVE-2016-1523
CVE-2016-1526
CVE-2016-1572
CVE-2016-4049
CVE-2016-4658
CVE-2016-8858
CVE-2017-1000251
CVE-2017-2579
CVE-2017-2580
CVE-2017-5715
CVE-2018-1000805
CVE-2018-19211
CVE-2018-3665
CVE-2018-8975
CVE-2019-10220
CVE-2019-15604
CVE-2019-15605
CVE-2019-15606
CVE-2019-15917
CVE-2019-18348
CVE-2019-18901
CVE-2019-2737
CVE-2019-2739
CVE-2019-2740
CVE-2019-2758
CVE-2019-2805
CVE-2019-2938
CVE-2019-2974
CVE-2019-9674
CVE-2020-2574
CVE-2020-8492
SUSE-SU-2016:0779-1
SUSE-SU-2016:1482-1
SUSE-SU-2016:2650-1
SUSE-SU-2017:0607-2
SUSE-SU-2017:2459-1
SUSE-SU-2018:1571-1
SUSE-SU-2018:2086-1
SUSE-SU-2018:3967-1
SUSE-SU-2019:0481-1
SUSE-SU-2019:1645-1
SUSE-SU-2020:0488-1
SUSE-SU-2020:0831-1
SUSE-SU-2020:0854-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • emacs-25.3-lp150.1 is installed
  • OR emacs-info-25.3-lp150.1 is installed
  • OR emacs-nox-25.3-lp150.1 is installed
  • OR etags-25.3-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnutls-3.6.7-lp151.2.3 is installed
  • OR gnutls-guile-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane0-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libnetpbm11-10.66.3-8.7 is installed
  • OR libnetpbm11-32bit-10.66.3-8.7 is installed
  • OR netpbm-10.66.3-8.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libncurses5-5.9-61 is installed
  • OR libncurses5-32bit-5.9-61 is installed
  • OR libncurses6-5.9-61 is installed
  • OR libncurses6-32bit-5.9-61 is installed
  • OR ncurses-5.9-61 is installed
  • OR ncurses-devel-5.9-61 is installed
  • OR ncurses-utils-5.9-61 is installed
  • OR tack-5.9-61 is installed
  • OR terminfo-5.9-61 is installed
  • OR terminfo-base-5.9-61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libxml2-2.9.1-26.3 is installed
  • OR libxml2-2-2.9.1-26.3 is installed
  • OR libxml2-2-32bit-2.9.1-26.3 is installed
  • OR libxml2-doc-2.9.1-26.3 is installed
  • OR libxml2-tools-2.9.1-26.3 is installed
  • OR python-libxml2-2.9.1-26.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.60 is installed
  • OR kernel-default-base-3.12.74-60.64.60 is installed
  • OR kernel-default-devel-3.12.74-60.64.60 is installed
  • OR kernel-default-man-3.12.74-60.64.60 is installed
  • OR kernel-devel-3.12.74-60.64.60 is installed
  • OR kernel-macros-3.12.74-60.64.60 is installed
  • OR kernel-source-3.12.74-60.64.60 is installed
  • OR kernel-syms-3.12.74-60.64.60 is installed
  • OR kernel-xen-3.12.74-60.64.60 is installed
  • OR kernel-xen-base-3.12.74-60.64.60 is installed
  • OR kernel-xen-devel-3.12.74-60.64.60 is installed
  • OR kgraft-patch-3_12_74-60_64_60-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_60-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_21-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • ecryptfs-utils-103-7 is installed
  • OR ecryptfs-utils-32bit-103-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • kernel-default-4.4.121-92.95 is installed
  • OR kernel-default-base-4.4.121-92.95 is installed
  • OR kernel-default-devel-4.4.121-92.95 is installed
  • OR kernel-devel-4.4.121-92.95 is installed
  • OR kernel-macros-4.4.121-92.95 is installed
  • OR kernel-source-4.4.121-92.95 is installed
  • OR kernel-syms-4.4.121-92.95 is installed
  • OR lttng-modules-2.7.1-9.6 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kernel-default-4.4.121-92.92 is installed
  • OR kernel-default-base-4.4.121-92.92 is installed
  • OR kernel-default-devel-4.4.121-92.92 is installed
  • OR kernel-devel-4.4.121-92.92 is installed
  • OR kernel-macros-4.4.121-92.92 is installed
  • OR kernel-source-4.4.121-92.92 is installed
  • OR kernel-syms-4.4.121-92.92 is installed
  • OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed
  • OR lttng-modules-2.7.1-9.4 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_38-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_13-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libhivex0-1.3.10-4 is installed
  • OR perl-Win-Hivex-1.3.10-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed
  • OR webkit2gtk3-2.28.1-2.50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.9.0-109.86 is installed
  • OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_107-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libssh2-1-1.4.3-19 is installed
  • OR libssh2-1-32bit-1.4.3-19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • kernel-firmware-20170530-21.22 is installed
  • OR ucode-amd-20170530-21.22 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.23-3.9 is installed
    • BACK