Oval Definition:	oval:org.opensuse.security:def:59482
Revision Date: 2021-06-02 Version: 1 Title: Security update for libwebp (Critical) Description: This update for libwebp fixes the following issues: - CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685). - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691). - CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674). - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652). - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690). - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654). - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686). - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673). - CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247). Family: unix Class: patch Status: Reference(s): 1023895 1032647 1052009 1052261 1060354 1060355 1060360 1060361 1060362 1060364 1064069 1064070 1064071 1064072 1064073 1064075 1064077 1064078 1064079 1064080 1064081 1064082 1064083 1064084 1064085 1064086 1107832 1110233 1111331 1125401 1126230 1127223 1127308 1128525 1128574 1129622 1130675 1136082 1138034 1154609 1154824 1156353 1156402 1157607 1161096 1162553 1169511 1171670 1171921 1171960 1171961 1171963 1172277 1172466 1178671 1185652 1185654 1185673 1185674 1185685 1185686 1185690 1185691 1186247 980486 CVE-2009-5155 CVE-2014-2892 CVE-2014-3566 CVE-2016-10165 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-12424 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-14633 CVE-2018-17182 CVE-2018-20815 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2019-10164 CVE-2019-11091 CVE-2019-18197 CVE-2019-2201 CVE-2019-8936 CVE-2019-9169 CVE-2019-9824 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10753 CVE-2020-12321 CVE-2020-2654 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 SUSE-SU-2017:2618-1 SUSE-SU-2017:2947-1 SUSE-SU-2017:2989-1 SUSE-SU-2019:0789-1 SUSE-SU-2019:1268-1 SUSE-SU-2019:1783-1 SUSE-SU-2019:2972-1 SUSE-SU-2020:1595-1 SUSE-SU-2020:1683-1 SUSE-SU-2020:1748-1 SUSE-SU-2020:3354-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libXext6-1.3.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information irssi-1.1.3-33 is installed OR irssi-devel-1.1.3-33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information qemu-2.6.2-41.52 is installed OR qemu-block-curl-2.6.2-41.52 is installed OR qemu-block-rbd-2.6.2-41.52 is installed OR qemu-block-ssh-2.6.2-41.52 is installed OR qemu-guest-agent-2.6.2-41.52 is installed OR qemu-ipxe-1.0.0-41.52 is installed OR qemu-kvm-2.6.2-41.52 is installed OR qemu-lang-2.6.2-41.52 is installed OR qemu-seabios-1.9.1-41.52 is installed OR qemu-sgabios-8-41.52 is installed OR qemu-tools-2.6.2-41.52 is installed OR qemu-vgabios-1.9.1-41.52 is installed OR qemu-x86-2.6.2-41.52 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libmms0-0.6.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND autofs-5.0.9-28.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libwebp5-0.4.3-4.7.1 is installed OR libwebp5-32bit-0.4.3-4.7.1 is installed OR libwebpdemux1-0.4.3-4.7.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ceph-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR ceph-common-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR libcephfs2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librados2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR libradosstriper1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librbd1-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR librgw2-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-cephfs-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rados-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rbd-12.2.13+git.1592168685.85110a3e9d-2.50 is installed OR python-rgw-12.2.13+git.1592168685.85110a3e9d-2.50 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libfreebl3-3.53.1-58.48 is installed OR libfreebl3-32bit-3.53.1-58.48 is installed OR libfreebl3-hmac-3.53.1-58.48 is installed OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed OR libsoftokn3-3.53.1-58.48 is installed OR libsoftokn3-32bit-3.53.1-58.48 is installed OR libsoftokn3-hmac-3.53.1-58.48 is installed OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed OR mozilla-nspr-4.25-19.15 is installed OR mozilla-nspr-32bit-4.25-19.15 is installed OR mozilla-nspr-devel-4.25-19.15 is installed OR mozilla-nss-3.53.1-58.48 is installed OR mozilla-nss-32bit-3.53.1-58.48 is installed OR mozilla-nss-certs-3.53.1-58.48 is installed OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed OR mozilla-nss-devel-3.53.1-58.48 is installed OR mozilla-nss-sysinit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed OR mozilla-nss-tools-3.53.1-58.48 is installed
BACK