Oval Definition:	oval:org.opensuse.security:def:59517
Revision Date: 2021-08-05 Version: 1 Title: Security update for libsndfile (Critical) Description: This update for libsndfile fixes the following issues: - CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (bsc#1100167) - CVE-2018-19432: Fixed a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. (bsc#1116993) - CVE-2021-3246: Fixed a heap buffer overflow vulnerability in msadpcm_decode_block. (bsc#1188540) - CVE-2018-19758: Fixed a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. (bsc#1117954) Family: unix Class: patch Status: Reference(s): 1043983 1048072 1055265 1056286 1056782 1058754 1058755 1058757 1062452 1065386 1069607 1069632 1073002 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1087433 1087434 1087436 1087437 1087440 1087441 1091070 1095218 1095219 1097356 1100167 1112530 1112532 1116993 1117954 1123371 1123377 1123378 1125401 1128525 1130611 1130617 1130620 1130622 1130623 1130627 1139083 1151021 1152990 1152992 1152994 1152995 1154212 1158442 1168630 1171517 1172275 1173160 1174120 1174662 1188540 CVE-2010-0624 CVE-2010-2074 CVE-2012-4425 CVE-2012-4929 CVE-2014-9112 CVE-2015-9096 CVE-2016-2037 CVE-2016-2339 CVE-2016-7798 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-16612 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-9228 CVE-2017-9229 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-10392 CVE-2018-11233 CVE-2018-11235 CVE-2018-13139 CVE-2018-16395 CVE-2018-16396 CVE-2018-16890 CVE-2018-19432 CVE-2018-19758 CVE-2018-5848 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-12900 CVE-2019-14835 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-17631 CVE-2019-2933 CVE-2019-2945 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2996 CVE-2019-2999 CVE-2019-3822 CVE-2019-3823 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2019-8936 CVE-2020-10663 CVE-2020-10745 CVE-2020-6819 CVE-2020-6820 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 CVE-2021-3246 SUSE-SU-2017:3214-1 SUSE-SU-2018:1565-1 SUSE-SU-2018:1566-1 SUSE-SU-2019:0249-1 SUSE-SU-2019:0789-1 SUSE-SU-2019:2013-1 SUSE-SU-2020:0024-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:2232-1 SUSE-SU-2020:2312-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libgadu3-1.12.2-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information rmt-server-2.3.1-lp151.2.3 is installed OR rmt-server-config-2.3.1-lp151.2.3 is installed OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libcgroup-0.41.rc1-10.9 is installed OR libcgroup-tools-0.41.rc1-10.9 is installed OR libcgroup1-0.41.rc1-10.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libsndfile1-1.0.25-36.23.1 is installed OR libsndfile1-32bit-1.0.25-36.23.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.4-2.59 is installed OR libwebkit2gtk-4_0-37-2.28.4-2.59 is installed OR libwebkit2gtk3-lang-2.28.4-2.59 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59 is installed OR typelib-1_0-WebKit2-4_0-2.28.4-2.59 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59 is installed OR webkit2gtk-4_0-injected-bundles-2.28.4-2.59 is installed OR webkit2gtk3-2.28.4-2.59 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.0-30.60 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-30.60 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-30.60 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information openstack-manila-7.3.1~dev15-4.18 is installed OR openstack-manila-api-7.3.1~dev15-4.18 is installed OR openstack-manila-data-7.3.1~dev15-4.18 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.18 is installed OR openstack-manila-share-7.3.1~dev15-4.18 is installed OR python-manila-7.3.1~dev15-4.18 is installed
BACK