Oval Definition:	oval:org.opensuse.security:def:58005
Revision Date: 2021-09-16 Version: 1 Title: Security update for transfig (Moderate) Description: This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef() (bsc#1186329). - CVE-2020-21683: Fixed buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325). - CVE-2020-21682: Fixed buffer overflow in the set_fill component in genge.c (bsc#1189346). - CVE-2020-21681: Fixed buffer overflow in the set_color component in genge.c (bsc#1189345). - CVE-2020-21680: Fixed stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343). - CVE-2019-19797: out-of-bounds write in read_colordef in read.c (bsc#1159293). - CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf (bsc#1161698). - CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130). Family: unix Class: patch Status: Reference(s): 1006984 1006989 1010685 1012382 1012917 1019784 1022476 1031717 1037811 1038078 1038085 1043652 1048585 1052360 1056427 1060279 1066223 1066842 1068032 1068038 1068569 1068984 1069160 1070799 1072163 1072484 1072589 1073229 1073928 1074134 1074392 1074488 1074621 1074709 1074839 1074847 1075066 1075078 1075087 1075091 1075428 1075617 1075621 1075627 1075994 1076017 1076110 1076806 1076809 1076872 1076899 1077068 1077560 1077592 1078526 1078681 1080157 1083125 1083424 1083630 1087082 1088268 1090036 1090368 1090646 1090869 1090953 1091041 1092289 1093215 1094019 1097560 1097824 1098369 1098531 1101644 1101645 1101651 1101656 1103809 1103810 1104076 1109673 1110279 1111853 1112142 1112143 1112144 1112146 1112147 1112152 1112153 1116998 1129346 1130847 1136882 1137825 1155321 1155787 1156318 1157471 1159130 1159293 1159329 1161698 1161719 1163809 1165528 1169658 1186329 1189325 1189343 1189345 1189346 963844 977043 988524 988903 CVE-2016-1248 CVE-2017-0861 CVE-2017-12627 CVE-2017-15129 CVE-2017-17712 CVE-2017-17862 CVE-2017-17864 CVE-2017-18017 CVE-2017-2518 CVE-2017-5715 CVE-2018-1000004 CVE-2018-1000199 CVE-2018-1087 CVE-2018-12327 CVE-2018-12470 CVE-2018-12471 CVE-2018-12472 CVE-2018-13785 CVE-2018-16435 CVE-2018-17407 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 CVE-2018-3639 CVE-2018-3639 CVE-2018-3760 CVE-2018-4191 CVE-2018-4197 CVE-2018-4207 CVE-2018-4208 CVE-2018-4209 CVE-2018-4210 CVE-2018-4212 CVE-2018-4213 CVE-2018-4261 CVE-2018-4262 CVE-2018-4263 CVE-2018-4264 CVE-2018-4265 CVE-2018-4266 CVE-2018-4267 CVE-2018-4270 CVE-2018-4272 CVE-2018-4273 CVE-2018-4278 CVE-2018-4284 CVE-2018-4299 CVE-2018-4306 CVE-2018-4309 CVE-2018-4312 CVE-2018-4314 CVE-2018-4315 CVE-2018-4316 CVE-2018-4317 CVE-2018-4318 CVE-2018-4319 CVE-2018-4323 CVE-2018-4328 CVE-2018-4345 CVE-2018-4358 CVE-2018-4359 CVE-2018-4361 CVE-2018-4372 CVE-2018-4373 CVE-2018-4375 CVE-2018-4376 CVE-2018-4378 CVE-2018-4382 CVE-2018-4386 CVE-2018-4392 CVE-2018-4416 CVE-2018-5332 CVE-2018-5333 CVE-2018-7170 CVE-2018-8781 CVE-2018-8897 CVE-2019-12387 CVE-2019-19191 CVE-2019-19555 CVE-2019-19746 CVE-2019-19797 CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9636 CVE-2019-9948 CVE-2020-10018 CVE-2020-11793 CVE-2020-21680 CVE-2020-21681 CVE-2020-21682 CVE-2020-21683 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2021-3561 SUSE-SU-2016:2942-1 SUSE-SU-2018:0416-1 SUSE-SU-2018:1242-1 SUSE-SU-2018:1377-1 SUSE-SU-2018:1523-1 SUSE-SU-2018:2217-1 SUSE-SU-2018:2898-1 SUSE-SU-2018:3033-2 SUSE-SU-2018:3342-1 SUSE-SU-2019:0049-1 SUSE-SU-2019:0059-1 SUSE-SU-2019:1439-1 SUSE-SU-2019:2066-1 SUSE-SU-2019:3050-1 SUSE-SU-2020:0115-1 SUSE-SU-2020:1135-1 SUSE-SU-2020:2225-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND klogd-1.4.1-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-77.0.3865.90-lp151.2.33 is installed OR chromium-77.0.3865.90-lp151.2.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libsqlite3-0-3.8.10.2-9.15 is installed OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed OR sqlite3-3.8.10.2-9.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gvim-7.4.326-7 is installed OR vim-7.4.326-7 is installed OR vim-data-7.4.326-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p12-64.8 is installed OR ntp-doc-4.2.8p12-64.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND transfig-3.2.8a-2.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libupsclient1-2.7.1-1 is installed OR nut-2.7.1-1 is installed OR nut-drivers-net-2.7.1-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ruby2.1-rubygem-sprockets-2_12-2.12.5-1.3 is installed OR rubygem-sprockets-2_12-2.12.5-1.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-SQLAlchemy-1.1.12-3.5 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.5 is installed
BACK