Oval Definition:oval:org.opensuse.security:def:57217
Revision Date:2020-12-01Version:1
Title:Security update for freetype2
Description:



This update fixes:

* * OOB access in bdf_free_font() and _bdf_parse_glyphs() (CVE-2012-5668 and CVE-2012-5669)

As well as the following non-security bugs:

* [bdf] Savannah bug #37905. o src/bdf/bdflib.c (_bdf_parse_start): Reset `props_size' to zero in case of allocation error; this value gets used in a loop in * [bdf] Fix Savannah bug #37906. o src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size for checking `glyph_enc'.

Security Issue references:

* CVE-2012-5668 * CVE-2012-5669

Family:unixClass:patch
Status:Reference(s):1055857
1059893
1087082
1087083
1096141
1097108
1099306
1100147
1103203
1107832
1108963
1110233
1116574
1117951
1128829
1128963
1130103
1133528
1139073
1141035
1144902
1154043
1155988
1160163
1162202
795826
927841
959277
CVE-2012-5668
CVE-2012-5669
CVE-2014-3566
CVE-2015-3310
CVE-2015-7201
CVE-2015-7202
CVE-2015-7205
CVE-2015-7210
CVE-2015-7212
CVE-2015-7213
CVE-2015-7214
CVE-2015-7222
CVE-2016-1000031
CVE-2016-6328
CVE-2017-18344
CVE-2017-7544
CVE-2018-10853
CVE-2018-13785
CVE-2018-14633
CVE-2018-14634
CVE-2018-17182
CVE-2018-3136
CVE-2018-3139
CVE-2018-3149
CVE-2018-3169
CVE-2018-3180
CVE-2018-3183
CVE-2018-3214
CVE-2018-3639
CVE-2018-3640
CVE-2018-3646
CVE-2019-10218
CVE-2019-11135
CVE-2019-11139
CVE-2019-18634
CVE-2019-3859
SUSE-SU-2015:2334-1
SUSE-SU-2017:0474-1
SUSE-SU-2018:0193-1
SUSE-SU-2018:1935-1
SUSE-SU-2018:2391-1
SUSE-SU-2018:4064-1
SUSE-SU-2019:1060-1
SUSE-SU-2019:1214-1
SUSE-SU-2019:2893-1
SUSE-SU-2019:2959-1
SUSE-SU-2020:0407-1
SUSE-SU-2020:0516-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • accountsservice-0.6.45-lp150.2 is installed
  • OR accountsservice-lang-0.6.45-lp150.2 is installed
  • OR libaccountsservice0-0.6.45-lp150.2 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libqb-1.0.3+20190326.a521604-lp151.2.3 is installed
  • OR libqb-devel-1.0.3+20190326.a521604-lp151.2.3 is installed
  • OR libqb-devel-32bit-1.0.3+20190326.a521604-lp151.2.3 is installed
  • OR libqb-tests-1.0.3+20190326.a521604-lp151.2.3 is installed
  • OR libqb-tools-1.0.3+20190326.a521604-lp151.2.3 is installed
  • OR libqb20-1.0.3+20190326.a521604-lp151.2.3 is installed
  • OR libqb20-32bit-1.0.3+20190326.a521604-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • freetype2-2.3.7-25.32 is installed
  • OR freetype2-32bit-2.3.7-25.32 is installed
  • OR freetype2-devel-2.3.7-25.32 is installed
  • OR ft2demos-2.3.7-25.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.5.0esr-28 is installed
  • OR MozillaFirefox-translations-38.5.0esr-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND ucode-intel-20180703-13.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • res-signingkeys-3.0.18-26 is installed
  • OR smt-3.0.18-26 is installed
  • OR smt-support-3.0.18-26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libvirt-2.0.0-27.61 is installed
  • OR libvirt-client-2.0.0-27.61 is installed
  • OR libvirt-daemon-2.0.0-27.61 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.61 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.61 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.61 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.61 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.61 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.61 is installed
  • OR libvirt-daemon-xen-2.0.0-27.61 is installed
  • OR libvirt-doc-2.0.0-27.61 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.61 is installed
  • OR libvirt-nss-2.0.0-27.61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gstreamer-1.8.3-9 is installed
  • OR gstreamer-lang-1.8.3-9 is installed
  • OR gstreamer-utils-1.8.3-9 is installed
  • OR libgstreamer-1_0-0-1.8.3-9 is installed
  • OR libgstreamer-1_0-0-32bit-1.8.3-9 is installed
  • OR typelib-1_0-Gst-1_0-1.8.3-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libX11-1.6.2-12.8 is installed
  • OR libX11-6-1.6.2-12.8 is installed
  • OR libX11-6-32bit-1.6.2-12.8 is installed
  • OR libX11-data-1.6.2-12.8 is installed
  • OR libX11-xcb1-1.6.2-12.8 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.8 is installed
  • OR libxcb-1.10-4.5 is installed
  • OR libxcb-dri2-0-1.10-4.5 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.5 is installed
  • OR libxcb-dri3-0-1.10-4.5 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.5 is installed
  • OR libxcb-glx0-1.10-4.5 is installed
  • OR libxcb-glx0-32bit-1.10-4.5 is installed
  • OR libxcb-present0-1.10-4.5 is installed
  • OR libxcb-present0-32bit-1.10-4.5 is installed
  • OR libxcb-randr0-1.10-4.5 is installed
  • OR libxcb-render0-1.10-4.5 is installed
  • OR libxcb-render0-32bit-1.10-4.5 is installed
  • OR libxcb-shape0-1.10-4.5 is installed
  • OR libxcb-shm0-1.10-4.5 is installed
  • OR libxcb-shm0-32bit-1.10-4.5 is installed
  • OR libxcb-sync1-1.10-4.5 is installed
  • OR libxcb-sync1-32bit-1.10-4.5 is installed
  • OR libxcb-xf86dri0-1.10-4.5 is installed
  • OR libxcb-xfixes0-1.10-4.5 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.5 is installed
  • OR libxcb-xinerama0-1.10-4.5 is installed
  • OR libxcb-xkb1-1.10-4.5 is installed
  • OR libxcb-xkb1-32bit-1.10-4.5 is installed
  • OR libxcb-xv0-1.10-4.5 is installed
  • OR libxcb1-1.10-4.5 is installed
  • OR libxcb1-32bit-1.10-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • MozillaFirefox-60.3.0-109.50 is installed
  • OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • jasper-1.900.14-195.15 is installed
  • OR libjasper1-1.900.14-195.15 is installed
  • OR libjasper1-32bit-1.900.14-195.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.6 is installed
  • OR libssh2-1-32bit-1.4.3-20.6 is installed
  • OR libssh2_org-1.4.3-20.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • mariadb-10.2.22-4.11 is installed
  • OR mariadb-client-10.2.22-4.11 is installed
  • OR mariadb-errormessages-10.2.22-4.11 is installed
  • OR mariadb-galera-10.2.22-4.11 is installed
  • OR mariadb-tools-10.2.22-4.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • cups-1.7.5-20.26 is installed
  • OR cups-client-1.7.5-20.26 is installed
  • OR cups-libs-1.7.5-20.26 is installed
  • OR cups-libs-32bit-1.7.5-20.26 is installed
    • BACK