Oval Definition:	oval:org.opensuse.security:def:58649
Revision Date: 2020-12-01 Version: 1 Title: Security update for audiofile (Low) Description: This audiofile update fixes the following issue: Security issues fixed: - CVE-2015-7747: Fixed buffer overflow issue when changing both number of channels and sample format. (bsc#949399) - CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp) (bsc#1026979) - CVE-2017-6828: heap-based buffer overflow in readValue (FileHandle.cpp) (bsc#1026980) - CVE-2017-6829: global buffer overflow in decodeSample (IMA.cpp) (bsc#1026981) - CVE-2017-6830: heap-based buffer overflow in alaw2linear_buf (G711.cpp) (bsc#1026982) - CVE-2017-6831: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) (bsc#1026983) - CVE-2017-6832: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) (bsc#1026984) - CVE-2017-6833: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp) (bsc#1026985) - CVE-2017-6834: heap-based buffer overflow in ulaw2linear_buf (G711.cpp) (bsc#1026986) - CVE-2017-6835: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp) (bsc#1026988) - CVE-2017-6836: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h) (bsc#1026987) - CVE-2017-6837, CVE-2017-6838, CVE-2017-6839: multiple ubsan crashes (bsc#1026978) Family: unix Class: patch Status: Reference(s): 1007454 1008519 1009109 1013285 1013341 1013764 1013767 1014109 1014110 1014111 1014112 1014256 1014514 1016779 1026978 1026979 1026980 1026981 1026982 1026983 1026984 1026985 1026986 1026987 1026988 1040662 1049423 1052448 1052449 1052466 1077732 1079405 1083125 1083488 1085114 1085447 1090338 1090368 1090646 1090869 1092885 1096740 1103098 1121826 1150733 1164692 1169740 1171355 1172651 1173334 1174628 937125 949399 CVE-2012-3466 CVE-2014-7300 CVE-2015-0247 CVE-2015-1572 CVE-2015-7747 CVE-2016-9102 CVE-2016-9103 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922 CVE-2017-11423 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-13166 CVE-2017-6418 CVE-2017-6419 CVE-2017-6420 CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830 CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834 CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838 CVE-2017-6839 CVE-2018-1068 CVE-2018-1087 CVE-2018-3639 CVE-2018-3665 CVE-2018-5391 CVE-2018-7566 CVE-2018-8781 CVE-2018-8897 CVE-2018-8956 CVE-2019-3689 CVE-2019-6133 CVE-2020-11868 CVE-2020-13817 CVE-2020-14344 CVE-2020-15025 CVE-2020-1938 SUSE-SU-2017:0127-1 SUSE-SU-2017:0940-1 SUSE-SU-2018:0255-1 SUSE-SU-2018:0990-1 SUSE-SU-2018:1534-1 SUSE-SU-2018:1942-1 SUSE-SU-2019:2035-1 SUSE-SU-2019:2781-1 SUSE-SU-2020:0725-1 SUSE-SU-2020:2196-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libXxf86vm1-1.1.4-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information podman-1.4.4-lp151.3.6 is installed OR podman-cni-config-1.4.4-lp151.3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information qemu-2.6.2-41.40 is installed OR qemu-block-curl-2.6.2-41.40 is installed OR qemu-block-rbd-2.6.2-41.40 is installed OR qemu-block-ssh-2.6.2-41.40 is installed OR qemu-guest-agent-2.6.2-41.40 is installed OR qemu-ipxe-1.0.0-41.40 is installed OR qemu-kvm-2.6.2-41.40 is installed OR qemu-lang-2.6.2-41.40 is installed OR qemu-seabios-1.9.1-41.40 is installed OR qemu-sgabios-8-41.40 is installed OR qemu-tools-2.6.2-41.40 is installed OR qemu-vgabios-1.9.1-41.40 is installed OR qemu-x86-2.6.2-41.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information e2fsprogs-1.42.11-15 is installed OR libcom_err2-1.42.11-15 is installed OR libcom_err2-32bit-1.42.11-15 is installed OR libext2fs2-1.42.11-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython3_4m1_0-3.4.6-25.16 is installed OR python3-3.4.6-25.16 is installed OR python3-base-3.4.6-25.16 is installed OR python3-curses-3.4.6-25.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libspice-client-glib-2_0-8-0.33-3.6 is installed OR libspice-client-glib-helper-0.33-3.6 is installed OR libspice-client-gtk-3_0-5-0.33-3.6 is installed OR libspice-controller0-0.33-3.6 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.33-3.6 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.33-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information tomcat-9.0.36-3.45 is installed OR tomcat-admin-webapps-9.0.36-3.45 is installed OR tomcat-docs-webapp-9.0.36-3.45 is installed OR tomcat-el-3_0-api-9.0.36-3.45 is installed OR tomcat-javadoc-9.0.36-3.45 is installed OR tomcat-jsp-2_3-api-9.0.36-3.45 is installed OR tomcat-lib-9.0.36-3.45 is installed OR tomcat-servlet-4_0-api-9.0.36-3.45 is installed OR tomcat-webapps-9.0.36-3.45 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information dnsmasq-2.78-18.6 is installed OR dnsmasq-utils-2.78-18.6 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND slf4j-1.7.12-3.3 is installed
BACK