Oval Definition:	oval:org.opensuse.security:def:56886
Revision Date: 2020-12-01 Version: 1 Title: Security update for SDL (Moderate) Description: This update for SDL fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806). - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099). - CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799). - CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805). - CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827). - CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826). - CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824). - CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803). - CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802). - CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825). - CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800). Family: unix Class: patch Status: Reference(s): 1002414 1007739 1007740 1007741 1007742 1007743 1007744 1007747 1014543 1014975 1015187 1037559 1038564 1042892 1046191 1050751 1063671 1064392 1066471 1066472 1090671 1102682 1103203 1105323 1106171 1106172 1106173 1106195 1107410 1107411 1107412 1107413 1107420 1107421 1107422 1107423 1107426 1107581 1108027 1109105 1115550 1117001 1117260 1119183 1121816 1121821 1124799 1124800 1124802 1124803 1124805 1124806 1124824 1124825 1124826 1124827 1125099 1167068 1170558 1171363 682920 906574 924960 933288 933878 936227 942865 957566 957567 957598 957600 960837 971741 972127 979005 983273 999817 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-1146 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2011-0712 CVE-2011-1020 CVE-2011-1577 CVE-2011-2203 CVE-2012-0056 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-2850 CVE-2013-4312 CVE-2014-0038 CVE-2014-00691 CVE-2014-0196 CVE-2014-8964 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-4000 CVE-2015-5073 CVE-2015-7833 CVE-2015-7884 CVE-2015-7885 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8709 CVE-2015-8812 CVE-2015-8899 CVE-2016-0617 CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-1237 CVE-2016-1283 CVE-2016-1541 CVE-2016-1583 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2847 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3191 CVE-2016-3672 CVE-2016-3689 CVE-2016-3713 CVE-2016-3951 CVE-2016-4470 CVE-2016-4482 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5412 CVE-2016-5696 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039 CVE-2016-7097 CVE-2016-7445 CVE-2016-8332 CVE-2016-8658 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 CVE-2016-9572 CVE-2016-9573 CVE-2016-9580 CVE-2016-9581 CVE-2016-9933 CVE-2017-13080 CVE-2017-15649 CVE-2017-7533 CVE-2017-7645 CVE-2017-8779 CVE-2017-8890 CVE-2017-9242 CVE-2018-10902 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16510 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543 CVE-2018-16585 CVE-2018-16802 CVE-2018-17183 CVE-2018-19416 CVE-2018-19517 CVE-2018-5390 CVE-2019-6109 CVE-2019-6111 CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 CVE-2020-12108 CVE-2020-12137 SUSE-SU-2016:1588-1 SUSE-SU-2016:2971-1 SUSE-SU-2016:3211-1 SUSE-SU-2016:3269-1 SUSE-SU-2016:3270-1 SUSE-SU-2017:1336-1 SUSE-SU-2017:2091-1 SUSE-SU-2017:3150-1 SUSE-SU-2018:2960-1 SUSE-SU-2018:2975-1 SUSE-SU-2019:0899-1 SUSE-SU-2019:0941-1 SUSE-SU-2019:1326-1 SUSE-SU-2020:1301-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kbd-2.0.4-lp150.6 is installed OR kbd-legacy-2.0.4-lp150.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information elfutils-0.168-lp151.4.3 is installed OR elfutils-lang-0.168-lp151.4.3 is installed OR libasm-devel-0.168-lp151.4.3 is installed OR libasm1-0.168-lp151.4.3 is installed OR libasm1-32bit-0.168-lp151.4.3 is installed OR libdw-devel-0.168-lp151.4.3 is installed OR libdw1-0.168-lp151.4.3 is installed OR libdw1-32bit-0.168-lp151.4.3 is installed OR libebl-devel-0.168-lp151.4.3 is installed OR libebl-plugins-0.168-lp151.4.3 is installed OR libebl-plugins-32bit-0.168-lp151.4.3 is installed OR libelf-devel-0.168-lp151.4.3 is installed OR libelf-devel-32bit-0.168-lp151.4.3 is installed OR libelf1-0.168-lp151.4.3 is installed OR libelf1-32bit-0.168-lp151.4.3 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-65.0.3467.62-lp151.2.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information SDL-1.2.15-15.11 is installed OR libSDL-1_2-0-1.2.15-15.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND sysstat-12.0.2-10.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND gd-2.1.0-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-4-2 is installed OR kgraft-patch-3_12_69-60_64_35-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_14-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information kernel-default-4.4.21-69 is installed OR kernel-default-base-4.4.21-69 is installed OR kernel-default-devel-4.4.21-69 is installed OR kernel-default-man-4.4.21-69 is installed OR kernel-devel-4.4.21-69 is installed OR kernel-macros-4.4.21-69 is installed OR kernel-source-4.4.21-69 is installed OR kernel-syms-4.4.21-69 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openslp-2.0.0-18.17 is installed OR openslp-32bit-2.0.0-18.17 is installed OR openslp-server-2.0.0-18.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information glibc-2.22-62.13 is installed OR glibc-32bit-2.22-62.13 is installed OR glibc-devel-2.22-62.13 is installed OR glibc-devel-32bit-2.22-62.13 is installed OR glibc-html-2.22-62.13 is installed OR glibc-i18ndata-2.22-62.13 is installed OR glibc-info-2.22-62.13 is installed OR glibc-locale-2.22-62.13 is installed OR glibc-locale-32bit-2.22-62.13 is installed OR glibc-profile-2.22-62.13 is installed OR glibc-profile-32bit-2.22-62.13 is installed OR nscd-2.22-62.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND log4j-1.2.15-126.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-1.7.5-20.17 is installed OR cups-client-1.7.5-20.17 is installed OR cups-libs-1.7.5-20.17 is installed OR cups-libs-32bit-1.7.5-20.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information opie-2.4-724 is installed OR opie-32bit-2.4-724 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ghostscript-9.25-23.13 is installed OR ghostscript-x11-9.25-23.13 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information freeradius-server-3.0.15-2.14 is installed OR freeradius-server-doc-3.0.15-2.14 is installed OR freeradius-server-krb5-3.0.15-2.14 is installed OR freeradius-server-ldap-3.0.15-2.14 is installed OR freeradius-server-libs-3.0.15-2.14 is installed OR freeradius-server-mysql-3.0.15-2.14 is installed OR freeradius-server-perl-3.0.15-2.14 is installed OR freeradius-server-postgresql-3.0.15-2.14 is installed OR freeradius-server-python-3.0.15-2.14 is installed OR freeradius-server-sqlite-3.0.15-2.14 is installed OR freeradius-server-utils-3.0.15-2.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information openstack-manila-7.3.1~dev15-4.18 is installed OR openstack-manila-api-7.3.1~dev15-4.18 is installed OR openstack-manila-data-7.3.1~dev15-4.18 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed OR openstack-manila-share-7.3.1~dev15-4.18 is installed OR python-manila-7.3.1~dev15-4.18 is installed
BACK