Oval Definition:	oval:org.opensuse.security:def:58551
Revision Date: 2020-12-01 Version: 1 Title: Security update for openjpeg2 (Moderate) Description: This update for openjpeg2 fixes several issues. These security issues were fixed: - CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file (bsc#1056421). - CVE-2017-14039: A heap-based buffer overflow was discovered in the opj_t2_encode_packet function. The vulnerability caused an out-of-bounds write, which may have lead to remote denial of service or possibly unspecified other impact (bsc#1056622). - CVE-2017-14164: A size-validation issue was discovered in opj_j2k_write_sot. The vulnerability caused an out-of-bounds write, which may have lead to remote DoS or possibly remote code execution (bsc#1057511). - CVE-2017-14040: An invalid write access was discovered in bin/jp2/convert.c, triggering a crash in the tgatoimage function. The vulnerability may have lead to remote denial of service or possibly unspecified other impact (bsc#1056621). - CVE-2017-14041: A stack-based buffer overflow was discovered in the pgxtoimage function. The vulnerability caused an out-of-bounds write, which may have lead to remote denial of service or possibly remote code execution (bsc#1056562). Family: unix Class: patch Status: Reference(s): 1000195 1002496 1005028 1012651 1014298 1014300 1015169 1016340 1022871 1023004 1024041 1024047 1024076 1024079 1024834 1034849 1056421 1056562 1056621 1056622 1057511 1059066 1059101 1059155 1061265 1068032 1077001 1087066 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1102682 1107832 1111622 1116574 1119947 1122668 1123886 1155787 1160467 1160468 1160594 1160764 1161779 1163922 1174157 CVE-2016-10507 CVE-2016-9921 CVE-2016-9922 CVE-2017-14039 CVE-2017-14040 CVE-2017-14041 CVE-2017-14164 CVE-2017-14517 CVE-2017-14518 CVE-2017-14520 CVE-2017-14977 CVE-2017-2518 CVE-2017-2615 CVE-2017-2620 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-5715 CVE-2017-5837 CVE-2017-5839 CVE-2017-5842 CVE-2017-5844 CVE-2018-1000007 CVE-2018-13785 CVE-2018-14633 CVE-2018-16884 CVE-2018-18074 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-5390 CVE-2019-14896 CVE-2019-14897 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-8013 SUSE-SU-2017:0571-1 SUSE-SU-2017:1039-1 SUSE-SU-2017:1445-1 SUSE-SU-2017:2649-1 SUSE-SU-2017:2952-1 SUSE-SU-2018:0008-1 SUSE-SU-2018:0217-1 SUSE-SU-2018:3789-1 SUSE-SU-2018:4064-1 SUSE-SU-2019:3050-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information curl-7.59.0-lp150.1 is installed OR libcurl4-7.59.0-lp150.1 is installed OR libcurl4-32bit-7.59.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python-requests-2.20.1-lp151.2.3 is installed OR python-requests-test-2.20.1-lp151.2.3 is installed OR python2-requests-2.20.1-lp151.2.3 is installed OR python2-requests-test-2.20.1-lp151.2.3 is installed OR python3-requests-2.20.1-lp151.2.3 is installed OR python3-requests-test-2.20.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libopenjp2-7-2.1.0-4.6 is installed OR openjpeg2-2.1.0-4.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_98-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_26-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libXxf86dga1-1.1.4-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20200602-13.68 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information grub2-2.02-4.53 is installed OR grub2-arm64-efi-2.02-4.53 is installed OR grub2-i386-pc-2.02-4.53 is installed OR grub2-snapper-plugin-2.02-4.53 is installed OR grub2-systemd-sleep-plugin-2.02-4.53 is installed OR grub2-x86_64-efi-2.02-4.53 is installed OR grub2-x86_64-xen-2.02-4.53 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libXvnc1-1.6.0-18.23 is installed OR tigervnc-1.6.0-18.23 is installed OR xorg-x11-Xvnc-1.6.0-18.23 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-PyKMIP-0.6.0-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information git-2.26.2-27.36 is installed OR git-core-2.26.2-27.36 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed
BACK