Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for libexif (Moderate) |
Description: |
This update for libexif fixes the following issues:
Security issues fixed:
- CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105). - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116).
Non-security issues fixed:
- libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1055857 1056421 1056562 1056621 1056622 1057511 1059893 1067720 1083624 1093697 1095472 1097775 1099805 1099808 1101644 1101645 1101651 1101656 1102379 1102400 1102410 1106812 1109673 1120943 1129271 1129272 1144902 1154212 1157763 1158442 1160770 1167231 1171475 1171847 1172105 1172116 1172121 1172265 1173027 1173576 1173613 1176262 1176410 1177143 CVE-2016-10507 CVE-2016-6328 CVE-2017-14039 CVE-2017-14040 CVE-2017-14041 CVE-2017-14164 CVE-2017-7544 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-1063 CVE-2018-10855 CVE-2018-10874 CVE-2018-10875 CVE-2018-1336 CVE-2018-17407 CVE-2018-20030 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3639 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-10218 CVE-2019-15961 CVE-2019-20916 CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-5418 CVE-2019-5419 CVE-2019-9278 CVE-2020-0093 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-25219 CVE-2020-26154 CVE-2020-8177 SUSE-SU-2017:2649-1 SUSE-SU-2018:0926-1 SUSE-SU-2018:4130-1 SUSE-SU-2019:0915-1 SUSE-SU-2019:2890-1 SUSE-SU-2019:3177-1 SUSE-SU-2020:0051-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1732-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:2726-1 SUSE-SU-2020:2900-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND Package Information
libX11-1.6.5-lp150.2.3 is installed
OR libX11-6-1.6.5-lp150.2.3 is installed
OR libX11-6-32bit-1.6.5-lp150.2.3 is installed
OR libX11-data-1.6.5-lp150.2.3 is installed
OR libX11-devel-1.6.5-lp150.2.3 is installed
OR libX11-devel-32bit-1.6.5-lp150.2.3 is installed
OR libX11-xcb1-1.6.5-lp150.2.3 is installed
OR libX11-xcb1-32bit-1.6.5-lp150.2.3 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
bzip2-1.0.6-lp151.5.6 is installed
OR bzip2-doc-1.0.6-lp151.5.6 is installed
OR libbz2-1-1.0.6-lp151.5.6 is installed
OR libbz2-1-32bit-1.0.6-lp151.5.6 is installed
OR libbz2-devel-1.0.6-lp151.5.6 is installed
OR libbz2-devel-32bit-1.0.6-lp151.5.6 is installed
|
Definition Synopsis |
openSUSE Leap 15.2 is installed
AND Package Information
graphviz-2.40.1-lp152.7.4 is installed
OR graphviz-addons-2.40.1-lp152.7.4 is installed
OR graphviz-devel-2.40.1-lp152.7.4 is installed
OR graphviz-doc-2.40.1-lp152.7.4 is installed
OR graphviz-gd-2.40.1-lp152.7.4 is installed
OR graphviz-gnome-2.40.1-lp152.7.4 is installed
OR graphviz-guile-2.40.1-lp152.7.4 is installed
OR graphviz-gvedit-2.40.1-lp152.7.4 is installed
OR graphviz-java-2.40.1-lp152.7.4 is installed
OR graphviz-lua-2.40.1-lp152.7.4 is installed
OR graphviz-perl-2.40.1-lp152.7.4 is installed
OR graphviz-php-2.40.1-lp152.7.4 is installed
OR graphviz-plugins-core-2.40.1-lp152.7.4 is installed
OR graphviz-python-2.40.1-lp152.7.4 is installed
OR graphviz-ruby-2.40.1-lp152.7.4 is installed
OR graphviz-smyrna-2.40.1-lp152.7.4 is installed
OR graphviz-tcl-2.40.1-lp152.7.4 is installed
OR libgraphviz6-2.40.1-lp152.7.4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
libopenjp2-7-2.1.0-4.6 is installed
OR openjpeg2-2.1.0-4.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND clamav-0.100.3-33.29 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
adns-1.4-103.3 is installed
OR libadns1-1.4-103.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
tomcat-8.0.53-29.13 is installed
OR tomcat-admin-webapps-8.0.53-29.13 is installed
OR tomcat-docs-webapp-8.0.53-29.13 is installed
OR tomcat-el-3_0-api-8.0.53-29.13 is installed
OR tomcat-javadoc-8.0.53-29.13 is installed
OR tomcat-jsp-2_3-api-8.0.53-29.13 is installed
OR tomcat-lib-8.0.53-29.13 is installed
OR tomcat-servlet-3_1-api-8.0.53-29.13 is installed
OR tomcat-webapps-8.0.53-29.13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
apache2-2.4.23-29.24 is installed
OR apache2-doc-2.4.23-29.24 is installed
OR apache2-example-pages-2.4.23-29.24 is installed
OR apache2-prefork-2.4.23-29.24 is installed
OR apache2-utils-2.4.23-29.24 is installed
OR apache2-worker-2.4.23-29.24 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
AND Package Information
MozillaFirefox-78.0.1-112.3 is installed
OR MozillaFirefox-branding-SLE-78-35.3 is installed
OR MozillaFirefox-devel-78.0.1-112.3 is installed
OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
libexif-0.6.22-8.9 is installed
OR libexif12-0.6.22-8.9 is installed
OR libexif12-32bit-0.6.22-8.9 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 9 is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed
OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND ansible-2.4.6.0-3.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 9 is installed
AND python-Django1-1.11.20-3.3 is installed
|