Oval Definition:	oval:org.opensuse.security:def:58756
Revision Date: 2021-06-02 Version: 1 Title: Security update for libwebp (Critical) Description: This update for libwebp fixes the following issues: - CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685). - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691). - CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674). - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652). - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690). - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654). - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686). - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673). - CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247). Family: unix Class: patch Status: Reference(s): 1012382 1031717 1036304 1045735 1046610 1049825 1057734 1070536 1070851 1075428 1076192 1076847 1077560 1079334 1080919 1081741 1082153 1082299 1083125 1083745 1083836 1084353 1084610 1084721 1084829 1085042 1085185 1085224 1085402 1085404 1086162 1086194 1087088 1087200 1087260 1087845 1088241 1088242 1088600 1088684 1088705 1089198 1089608 1089644 1089752 1090338 1090643 1091624 1092413 1096740 1096803 1099847 1100028 1101349 1102429 1103411 1106222 1108308 1109465 1110910 1111006 1111010 1111013 1112852 1114422 1117473 1121563 1123482 1124525 1124729 1124734 1125352 1126056 1127223 1127308 1127557 1128378 1128574 1128657 1130230 1132348 1132400 1132721 1133810 1140868 1145665 1149323 1174628 1185652 1185654 1185673 1185674 1185685 1185686 1185690 1185691 1186247 955942 CVE-2009-5155 CVE-2011-1761 CVE-2012-2737 CVE-2013-4233 CVE-2013-4234 CVE-2014-2892 CVE-2014-9273 CVE-2017-18257 CVE-2017-9269 CVE-2018-10087 CVE-2018-10124 CVE-2018-1050 CVE-2018-10839 CVE-2018-10858 CVE-2018-1087 CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 CVE-2018-15746 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 CVE-2018-18849 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2018-3665 CVE-2018-6954 CVE-2018-7685 CVE-2018-7740 CVE-2018-8043 CVE-2018-8781 CVE-2018-8822 CVE-2018-8897 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11718 CVE-2019-11719 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11729 CVE-2019-11730 CVE-2019-11733 CVE-2019-11735 CVE-2019-11736 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11751 CVE-2019-11752 CVE-2019-11753 CVE-2019-3842 CVE-2019-6454 CVE-2019-6974 CVE-2019-7221 CVE-2019-9169 CVE-2019-9213 CVE-2019-9811 CVE-2019-9812 CVE-2020-14344 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 SUSE-SU-2018:1173-1 SUSE-SU-2018:1944-1 SUSE-SU-2018:2339-1 SUSE-SU-2018:3074-1 SUSE-SU-2018:3749-1 SUSE-SU-2018:4237-1 SUSE-SU-2019:1265-1 SUSE-SU-2019:1958-1 SUSE-SU-2020:2117-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND kdebase4-workspace-libs-4.11.22-lp150.7 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND haproxy-2.0.10+git0.ac198b92-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libsystemd0-228-150.66 is installed OR libsystemd0-32bit-228-150.66 is installed OR libudev1-228-150.66 is installed OR libudev1-32bit-228-150.66 is installed OR systemd-228-150.66 is installed OR systemd-32bit-228-150.66 is installed OR systemd-bash-completion-228-150.66 is installed OR systemd-sysvinit-228-150.66 is installed OR udev-228-150.66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libzypp-16.17.20-27.52 is installed OR zypper-1.13.45-18.33 is installed OR zypper-log-1.13.45-18.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwebp5-0.4.3-4.7.1 is installed OR libwebp5-32bit-0.4.3-4.7.1 is installed OR libwebpdemux1-0.4.3-4.7.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed
BACK