Oval Definition:	oval:org.opensuse.security:def:57485
Revision Date: 2021-08-05 Version: 1 Title: Security update for libsndfile (Critical) Description: This update for libsndfile fixes the following issues: - CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167) - CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993) - CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540) - CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954) Family: unix Class: patch Status: Reference(s): 1005410 1006118 1007925 1008340 1008648 1017141 1017695 1019938 1020063 1021578 1021687 1027243 1041445 1100167 1102682 1111331 1111634 1111635 1116993 1117080 1117954 1129346 1131595 1133191 1135273 1138034 1150733 1151021 1160048 1160968 1162972 1188540 877258 902375 908275 952810 CVE-2009-0946 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 CVE-2011-0226 CVE-2011-3256 CVE-2011-3439 CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2014-2240 CVE-2014-2241 CVE-2014-3146 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-3451 CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 CVE-2015-8872 CVE-2016-4804 CVE-2016-8637 CVE-2017-9148 CVE-2018-1000807 CVE-2018-1000808 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-13139 CVE-2018-17954 CVE-2018-19432 CVE-2018-19758 CVE-2018-5390 CVE-2019-10164 CVE-2019-11091 CVE-2019-11487 CVE-2019-14835 CVE-2019-16770 CVE-2019-3689 CVE-2019-3886 CVE-2019-9636 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2021-3246 SUSE-SU-2015:1981-1 SUSE-SU-2017:0951-1 SUSE-SU-2017:1705-1 SUSE-SU-2018:4063-1 SUSE-SU-2019:0961-1 SUSE-SU-2019:1438-1 SUSE-SU-2019:1767-1 SUSE-SU-2019:1783-1 SUSE-SU-2019:2781-1 SUSE-SU-2020:0311-1 SUSE-SU-2020:0456-1 SUSE-SU-2021:2615-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cups-pk-helper-0.2.6-lp150.1 is installed OR cups-pk-helper-lang-0.2.6-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libtasn1-4.13-lp151.4.3 is installed OR libtasn1-6-4.13-lp151.4.3 is installed OR libtasn1-6-32bit-4.13-lp151.4.3 is installed OR libtasn1-devel-4.13-lp151.4.3 is installed OR libtasn1-devel-32bit-4.13-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND python-lxml-2.3.6-0.13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information MozillaFirefox-38.4.0esr-25 is installed OR MozillaFirefox-branding-SLED-38-15 is installed OR MozillaFirefox-translations-38.4.0esr-25 is installed OR libfreebl3-3.19.2.1-19 is installed OR libfreebl3-32bit-3.19.2.1-19 is installed OR libsoftokn3-3.19.2.1-19 is installed OR libsoftokn3-32bit-3.19.2.1-19 is installed OR mozilla-nspr-4.10.10-16 is installed OR mozilla-nspr-32bit-4.10.10-16 is installed OR mozilla-nss-3.19.2.1-19 is installed OR mozilla-nss-32bit-3.19.2.1-19 is installed OR mozilla-nss-tools-3.19.2.1-19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_110-default-5-2 is installed OR kgraft-patch-3_12_74-60_64_110-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_33-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND dosfstools-3.0.26-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_98-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_26-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information python-cryptography-1.3.1-7.13 is installed OR python-pyOpenSSL-16.0.0-4.11 is installed OR python-setuptools-18.0.1-4.8 is installed OR python3-cryptography-1.3.1-7.13 is installed OR python3-pyOpenSSL-16.0.0-4.11 is installed OR python3-setuptools-18.0.1-4.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cups-pk-helper-0.2.5-5 is installed OR cups-pk-helper-lang-0.2.5-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libsndfile1-1.0.25-36.23.1 is installed OR libsndfile1-32bit-1.0.25-36.23.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.127 is installed OR kernel-default-base-4.4.180-94.127 is installed OR kernel-default-devel-4.4.180-94.127 is installed OR kernel-default-kgraft-4.4.180-94.127 is installed OR kernel-default-man-4.4.180-94.127 is installed OR kernel-devel-4.4.180-94.127 is installed OR kernel-macros-4.4.180-94.127 is installed OR kernel-source-4.4.180-94.127 is installed OR kernel-syms-4.4.180-94.127 is installed OR kgraft-patch-4_4_180-94_127-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_34-1-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND python-urllib3-1.22-7.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libX11-6-1.6.2-12.5 is installed OR libX11-6-32bit-1.6.2-12.5 is installed OR libX11-data-1.6.2-12.5 is installed OR libX11-xcb1-1.6.2-12.5 is installed OR libX11-xcb1-32bit-1.6.2-12.5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information pdns-4.1.2-3.3 is installed OR pdns-backend-mysql-4.1.2-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kafka-0.10.2.2-5.6 is installed OR openstack-monasca-api-2.2.1~dev24-3.6 is installed OR python-monasca-api-2.2.1~dev24-3.6 is installed
BACK