Oval Definition:	oval:org.opensuse.security:def:60363
Revision Date: 2021-09-16 Version: 1 Title: Security update for transfig (Moderate) Description: This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef() (bsc#1186329). - CVE-2020-21683: Fixed buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325). - CVE-2020-21682: Fixed buffer overflow in the set_fill component in genge.c (bsc#1189346). - CVE-2020-21681: Fixed buffer overflow in the set_color component in genge.c (bsc#1189345). - CVE-2020-21680: Fixed stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343). - CVE-2019-19797: out-of-bounds write in read_colordef in read.c (bsc#1159293). - CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf (bsc#1161698). - CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130). Family: unix Class: patch Status: Reference(s): 1029638 1029639 1029706 1029707 1029751 1084521 1084524 1084532 1108752 1108756 1108757 1108761 1108762 1114592 1120629 1120630 1120631 1127155 1131823 1135254 1136882 1137977 1138034 1141897 1142649 1142654 1145604 1148517 1149145 1151021 1159130 1159293 1159646 1160968 1161698 1162202 1162675 1165787 1186329 1189325 1189343 1189345 1189346 CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 CVE-2011-2709 CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-1752 CVE-2013-2063 CVE-2013-4238 CVE-2014-2667 CVE-2014-4650 CVE-2014-9130 CVE-2016-0772 CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699 CVE-2016-7951 CVE-2016-7952 CVE-2017-18379 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 CVE-2018-16741 CVE-2018-16742 CVE-2018-16743 CVE-2018-16744 CVE-2018-16745 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2019-10164 CVE-2019-14250 CVE-2019-14835 CVE-2019-15847 CVE-2019-17571 CVE-2019-18634 CVE-2019-19555 CVE-2019-19746 CVE-2019-19797 CVE-2020-10188 CVE-2020-21680 CVE-2020-21681 CVE-2020-21682 CVE-2020-21683 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2021-3561 SUSE-SU-2017:2201-1 SUSE-SU-2018:0769-1 SUSE-SU-2018:2979-1 SUSE-SU-2019:1783-1 SUSE-SU-2019:2600-1 SUSE-SU-2020:0054-1 SUSE-SU-2020:0394-1 SUSE-SU-2020:0406-1 SUSE-SU-2020:0628-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:2660-1 SUSE-SU-2021:3124-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libcryptopp-5.6.5-lp151.3.3 is installed OR libcryptopp-devel-5.6.5-lp151.3.3 is installed OR libcryptopp5_6_5-5.6.5-lp151.3.3 is installed OR libcryptopp5_6_5-32bit-5.6.5-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.80-lp151.2.6 is installed OR chromium-75.0.3770.80-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXtst6-1.2.2-7 is installed OR libXtst6-32bit-1.2.2-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libsolv-0.6.36-2.30 is installed OR libsolv-devel-0.6.36-2.30 is installed OR libsolv-tools-0.6.36-2.30 is installed OR perl-solv-0.6.36-2.30 is installed OR python-solv-0.6.36-2.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information xen-4.9.4_08-3.66 is installed OR xen-doc-html-4.9.4_08-3.66 is installed OR xen-libs-4.9.4_08-3.66 is installed OR xen-libs-32bit-4.9.4_08-3.66 is installed OR xen-tools-4.9.4_08-3.66 is installed OR xen-tools-domU-4.9.4_08-3.66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-8-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information liblouis-2.6.4-6.6 is installed OR liblouis-data-2.6.4-6.6 is installed OR liblouis9-2.6.4-6.6 is installed OR python-louis-2.6.4-6.6 is installed OR python3-louis-2.6.4-6.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information dovecot22-2.2.31-19.22 is installed OR dovecot22-backend-mysql-2.2.31-19.22 is installed OR dovecot22-backend-pgsql-2.2.31-19.22 is installed OR dovecot22-backend-sqlite-2.2.31-19.22 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND transfig-3.2.8a-2.17.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND transfig-3.2.8a-2.17.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
BACK