Oval Definition:	oval:org.opensuse.security:def:57924
Revision Date: 2021-06-02 Version: 1 Title: Security update for libwebp (Critical) Description: This update for libwebp fixes the following issues: - CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685). - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691). - CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674). - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652). - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690). - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654). - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686). - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673). - CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247). Family: unix Class: patch Status: Reference(s): 1006984 1006989 1012075 1016715 1019948 1027038 1037811 1039034 1040107 1040114 1041891 1042632 1043328 1047218 1052522 1055165 1055268 1058374 1058729 1060110 1062583 1067443 1068906 1069401 1080891 1082318 1083087 1085276 1088681 1092544 1093130 1097560 1097824 1103809 1103810 1104076 1104826 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 1122706 1129346 1130847 1132728 1132729 1132732 1132734 1134718 1139083 1145092 1162610 1172515 1176315 1185652 1185654 1185673 1185674 1185685 1185686 1185690 1185691 1186247 977043 CVE-2008-1686 CVE-2013-4326 CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 CVE-2016-2183 CVE-2016-4975 CVE-2016-8743 CVE-2017-10268 CVE-2017-10286 CVE-2017-10320 CVE-2017-10365 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 CVE-2017-12596 CVE-2017-15365 CVE-2017-3257 CVE-2017-3302 CVE-2017-3308 CVE-2017-3309 CVE-2017-3313 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-9110 CVE-2017-9114 CVE-2018-12470 CVE-2018-12471 CVE-2018-12472 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-2755 CVE-2018-2759 CVE-2018-2761 CVE-2018-2766 CVE-2018-2767 CVE-2018-2771 CVE-2018-2777 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819 CVE-2018-6307 CVE-2018-7750 CVE-2019-10208 CVE-2019-10245 CVE-2019-12900 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-3813 CVE-2019-9636 CVE-2019-9948 CVE-2020-17507 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 CVE-2020-8597 SUSE-SU-2017:0720-1 SUSE-SU-2018:0585-1 SUSE-SU-2018:0844-1 SUSE-SU-2018:1853-1 SUSE-SU-2018:2815-1 SUSE-SU-2018:2898-1 SUSE-SU-2019:0060-1 SUSE-SU-2019:0230-1 SUSE-SU-2019:1439-1 SUSE-SU-2019:1644-1 SUSE-SU-2019:2013-1 SUSE-SU-2019:2158-1 SUSE-SU-2019:2159-1 SUSE-SU-2020:0490-1 SUSE-SU-2020:2760-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information bind-9.11.2-lp150.7 is installed OR bind-chrootenv-9.11.2-lp150.7 is installed OR bind-utils-9.11.2-lp150.7 is installed OR libbind9-160-9.11.2-lp150.7 is installed OR libdns169-9.11.2-lp150.7 is installed OR libirs160-9.11.2-lp150.7 is installed OR libisc166-9.11.2-lp150.7 is installed OR libisccc160-9.11.2-lp150.7 is installed OR libisccfg160-9.11.2-lp150.7 is installed OR liblwres160-9.11.2-lp150.7 is installed OR python3-bind-9.11.2-lp150.7 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information rmt-server-2.3.1-lp151.2.3 is installed OR rmt-server-config-2.3.1-lp151.2.3 is installed OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libpython2_7-1_0-2.7.13-28.26 is installed OR libpython2_7-1_0-32bit-2.7.13-28.26 is installed OR python-2.7.13-28.26 is installed OR python-32bit-2.7.13-28.26 is installed OR python-base-2.7.13-28.26 is installed OR python-base-32bit-2.7.13-28.26 is installed OR python-curses-2.7.13-28.26 is installed OR python-demo-2.7.13-28.26 is installed OR python-devel-2.7.13-28.26 is installed OR python-doc-2.7.13-28.26 is installed OR python-doc-pdf-2.7.13-28.26 is installed OR python-gdbm-2.7.13-28.26 is installed OR python-idle-2.7.13-28.26 is installed OR python-tk-2.7.13-28.26 is installed OR python-xml-2.7.13-28.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND rtkit-0.11_git201205151338-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.35-30.50 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-30.50 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.35-30.50 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-30.50 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gdk-pixbuf-lang-2.34.0-18 is installed OR gdk-pixbuf-query-loaders-2.34.0-18 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-18 is installed OR libgdk_pixbuf-2_0-0-2.34.0-18 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-18 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libwebp5-0.4.3-4.7.1 is installed OR libwebp5-32bit-0.4.3-4.7.1 is installed OR libwebpdemux1-0.4.3-4.7.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpolkit0-0.113-5.12 is installed OR polkit-0.113-5.12 is installed OR typelib-1_0-Polkit-1_0-0.113-5.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information galera-3-25.3.23-8 is installed OR galera-3-wsrep-provider-25.3.23-8 is installed OR libmariadb3-3.0.3-1.3 is installed OR mariadb-10.2.15-7 is installed OR mariadb-client-10.2.15-7 is installed OR mariadb-connector-c-3.0.3-1.3 is installed OR mariadb-errormessages-10.2.15-7 is installed OR mariadb-galera-10.2.15-7 is installed OR mariadb-tools-10.2.15-7 is installed OR ruby2.1-rubygem-mysql2-0.4.10-7 is installed OR rubygem-mysql2-0.4.10-7 is installed OR xtrabackup-2.4.10-5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND git-2.12.3-27.17 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.0-11.27 is installed
BACK