OVAL Reference oval:org.opensuse.security:def:58499

Oval Definition:

oval:org.opensuse.security:def:58499

Revision Date:	2020-12-01	Version:	1
Title:	Security update for jasper (Moderate)
Description:	This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. (bsc#1009994) - CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010975) - CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a denial of service (assertion failure). (bsc#1010968) - CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010774) - CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a denial of service (assertion failure) via a very large integer. (bsc#1010782) - CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial of service. (bsc#1047958) CVEs already fixed with previous update: - CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010757) - CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010766) - CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010756)
Family:	unix	Class:	patch
Status:		Reference(s):	1009994 1010756 1010757 1010766 1010774 1010782 1010968 1010975 1019416 1024416 1027147 1047958 1049379 1050135 1052249 1052253 1052545 1053431 1054924 1055219 1055430 1061873 1067841 1067844 1076366 1083125 1083630 1085447 1085449 1090368 1090646 1090869 1093311 1096723 1102682 1105323 1106191 1129180 1131863 1134156 1139959 1140122 1140359 1146882 1146884 1170715 1170771 1172698 1172704 1174157 1174662 993692 993707 CVE-2016-7530 CVE-2016-9262 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2017-1000050 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10115 CVE-2017-10116 CVE-2017-10125 CVE-2017-10243 CVE-2017-11446 CVE-2017-11534 CVE-2017-12428 CVE-2017-12431 CVE-2017-12433 CVE-2017-12627 CVE-2017-13133 CVE-2017-13139 CVE-2017-13166 CVE-2017-15033 CVE-2017-15098 CVE-2017-15099 CVE-2017-2619 CVE-2018-1000026 CVE-2018-1087 CVE-2018-10902 CVE-2018-10938 CVE-2018-1417 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-5390 CVE-2018-8781 CVE-2018-8897 CVE-2019-12973 CVE-2019-13012 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-3835 CVE-2019-3839 CVE-2020-12243 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-8023 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2017:0859-1 SUSE-SU-2017:1916-1 SUSE-SU-2017:2263-1 SUSE-SU-2017:2949-1 SUSE-SU-2017:3391-1 SUSE-SU-2018:0663-1 SUSE-SU-2018:1524-1 SUSE-SU-2018:1764-2 SUSE-SU-2019:1830-1 SUSE-SU-2020:1193-1 SUSE-SU-2020:2861-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libICE6-1.0.9-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libxslt-1.1.32-lp151.3.3 is installed OR libxslt-devel-1.1.32-lp151.3.3 is installed OR libxslt-devel-32bit-1.1.32-lp151.3.3 is installed OR libxslt-python-1.1.32-lp151.3.3 is installed OR libxslt-tools-1.1.32-lp151.3.3 is installed OR libxslt1-1.1.32-lp151.3.3 is installed OR libxslt1-32bit-1.1.32-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information jasper-1.900.14-195.3 is installed OR libjasper1-1.900.14-195.3 is installed OR libjasper1-32bit-1.900.14-195.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_32-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information grub2-2.02-2 is installed OR grub2-arm64-efi-2.02-2 is installed OR grub2-i386-pc-2.02-2 is installed OR grub2-powerpc-ieee1275-2.02-2 is installed OR grub2-s390x-emu-2.02-2 is installed OR grub2-snapper-plugin-2.02-2 is installed OR grub2-systemd-sleep-plugin-2.02-2 is installed OR grub2-x86_64-efi-2.02-2 is installed OR grub2-x86_64-xen-2.02-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information freeradius-server-3.0.15-2.11 is installed OR freeradius-server-doc-3.0.15-2.11 is installed OR freeradius-server-krb5-3.0.15-2.11 is installed OR freeradius-server-ldap-3.0.15-2.11 is installed OR freeradius-server-libs-3.0.15-2.11 is installed OR freeradius-server-mysql-3.0.15-2.11 is installed OR freeradius-server-perl-3.0.15-2.11 is installed OR freeradius-server-postgresql-3.0.15-2.11 is installed OR freeradius-server-python-3.0.15-2.11 is installed OR freeradius-server-sqlite-3.0.15-2.11 is installed OR freeradius-server-utils-3.0.15-2.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gtk2-data-2.24.31-7 is installed OR gtk2-lang-2.24.31-7 is installed OR gtk2-tools-2.24.31-7 is installed OR gtk2-tools-32bit-2.24.31-7 is installed OR libgtk-2_0-0-2.24.31-7 is installed OR libgtk-2_0-0-32bit-2.24.31-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information tomcat-9.0.36-3.42 is installed OR tomcat-admin-webapps-9.0.36-3.42 is installed OR tomcat-docs-webapp-9.0.36-3.42 is installed OR tomcat-el-3_0-api-9.0.36-3.42 is installed OR tomcat-javadoc-9.0.36-3.42 is installed OR tomcat-jsp-2_3-api-9.0.36-3.42 is installed OR tomcat-lib-9.0.36-3.42 is installed OR tomcat-servlet-4_0-api-9.0.36-3.42 is installed OR tomcat-webapps-9.0.36-3.42 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed

BACK