Oval Definition:	oval:org.opensuse.security:def:57005
Revision Date: 2021-06-02 Version: 1 Title: Security update for libwebp (Critical) Description: This update for libwebp fixes the following issues: - CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685). - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691). - CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674). - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652). - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690). - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654). - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686). - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673). - CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247). Family: unix Class: patch Status: Reference(s): 1005480 1005893 1006221 1016366 1016369 1023895 1032680 1035596 1038564 1042892 1046191 1050751 1052261 1054028 1056995 1059066 1059101 1059155 1061265 1066198 1068101 1076962 1077717 1083125 1085447 1087082 1087845 1089895 1090368 1090638 1090646 1091755 1092497 1093215 1094019 1096890 1099720 1122012 1124357 1133719 1138301 1138303 1156669 1160878 1160883 1160895 1160912 1162388 1185652 1185654 1185673 1185674 1185685 1185686 1185690 1185691 1186247 903543 936786 976955 980486 985025 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2010-4494 CVE-2011-1831 CVE-2011-1832 CVE-2011-1833 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836 CVE-2011-1837 CVE-2011-1944 CVE-2012-5134 CVE-2013-0338 CVE-2013-1969 CVE-2014-0191 CVE-2014-3660 CVE-2014-9687 CVE-2015-1819 CVE-2015-3239 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317 CVE-2015-8710 CVE-2016-10009 CVE-2016-10011 CVE-2016-1572 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4483 CVE-2016-8858 CVE-2017-11462 CVE-2017-12424 CVE-2017-13166 CVE-2017-14517 CVE-2017-14518 CVE-2017-14520 CVE-2017-14977 CVE-2017-16239 CVE-2017-17833 CVE-2017-7533 CVE-2017-7645 CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 CVE-2017-8054 CVE-2017-8890 CVE-2017-9242 CVE-2018-1000199 CVE-2018-10675 CVE-2018-11255 CVE-2018-12982 CVE-2018-20751 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-3639 CVE-2018-5783 CVE-2018-8781 CVE-2018-8897 CVE-2019-10161 CVE-2019-10167 CVE-2019-18901 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2020-2574 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 SUSE-SU-2017:0607-2 SUSE-SU-2017:2091-1 SUSE-SU-2017:2659-1 SUSE-SU-2017:2947-1 SUSE-SU-2017:2952-1 SUSE-SU-2017:3080-1 SUSE-SU-2017:3213-1 SUSE-SU-2018:1375-1 SUSE-SU-2018:1506-1 SUSE-SU-2018:2991-1 SUSE-SU-2019:0284-1 SUSE-SU-2019:1849-1 SUSE-SU-2019:2105-1 SUSE-SU-2020:0831-1 SUSE-SU-2021:1830-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libpotrace0-1.15-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND skopeo-0.1.32-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libpodofo0_9_2-0.9.2-3.9 is installed OR podofo-0.9.2-3.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information openssh-6.6p1-54.7 is installed OR openssh-askpass-gnome-6.6p1-54.7 is installed OR openssh-fips-6.6p1-54.7 is installed OR openssh-helpers-6.6p1-54.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-4-2 is installed OR kgraft-patch-3_12_69-60_64_35-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_14-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information ecryptfs-utils-103-7 is installed OR ecryptfs-utils-32bit-103-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.4.0esr-109.55 is installed OR MozillaFirefox-devel-60.4.0esr-109.55 is installed OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed OR libfreebl3-3.40.1-58.18 is installed OR libfreebl3-32bit-3.40.1-58.18 is installed OR libsoftokn3-3.40.1-58.18 is installed OR libsoftokn3-32bit-3.40.1-58.18 is installed OR mozilla-nspr-4.20-19.6 is installed OR mozilla-nspr-32bit-4.20-19.6 is installed OR mozilla-nss-3.40.1-58.18 is installed OR mozilla-nss-32bit-3.40.1-58.18 is installed OR mozilla-nss-certs-3.40.1-58.18 is installed OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-3.40.1-58.18 is installed OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed OR mozilla-nss-tools-3.40.1-58.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-demo-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-devel-1.8.0.212-27.32 is installed OR java-1_8_0-openjdk-headless-1.8.0.212-27.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_24-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_9-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.124 is installed OR kernel-default-base-4.4.180-94.124 is installed OR kernel-default-devel-4.4.180-94.124 is installed OR kernel-devel-4.4.180-94.124 is installed OR kernel-macros-4.4.180-94.124 is installed OR kernel-source-4.4.180-94.124 is installed OR kernel-syms-4.4.180-94.124 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libwebp5-0.4.3-4.7.1 is installed OR libwebp5-32bit-0.4.3-4.7.1 is installed OR libwebpdemux1-0.4.3-4.7.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.14-48.45 is installed OR libwiretap7-2.4.14-48.45 is installed OR libwscodecs1-2.4.14-48.45 is installed OR libwsutil8-2.4.14-48.45 is installed OR wireshark-2.4.14-48.45 is installed OR wireshark-gtk-2.4.14-48.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR apache2-mod_nss-1.0.14-19.6 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libfreebl3-hmac-3.36.4-58.15 is installed OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR libsoftokn3-hmac-3.36.4-58.15 is installed OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information openstack-nova-14.0.10~dev13-4.11 is installed OR openstack-nova-api-14.0.10~dev13-4.11 is installed OR openstack-nova-cells-14.0.10~dev13-4.11 is installed OR openstack-nova-cert-14.0.10~dev13-4.11 is installed OR openstack-nova-compute-14.0.10~dev13-4.11 is installed OR openstack-nova-conductor-14.0.10~dev13-4.11 is installed OR openstack-nova-console-14.0.10~dev13-4.11 is installed OR openstack-nova-consoleauth-14.0.10~dev13-4.11 is installed OR openstack-nova-doc-14.0.10~dev13-4.11 is installed OR openstack-nova-novncproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-placement-api-14.0.10~dev13-4.11 is installed OR openstack-nova-scheduler-14.0.10~dev13-4.11 is installed OR openstack-nova-serialproxy-14.0.10~dev13-4.11 is installed OR openstack-nova-vncproxy-14.0.10~dev13-4.11 is installed OR python-nova-14.0.10~dev13-4.11 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_0-openjdk-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.32-3.28 is installed OR mariadb-galera-10.2.32-3.28 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND slf4j-1.7.12-3.3 is installed
BACK