OVAL Reference oval:org.opensuse.security:def:60697

Oval Definition:

oval:org.opensuse.security:def:60697

Revision Date:	2020-12-01	Version:	1
Title:	Security update for libexif (Moderate)
Description:	This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105). - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116). Non-security issues fixed: - libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER
Family:	unix	Class:	patch
Status:		Reference(s):	1055857 1056421 1056562 1056621 1056622 1057511 1059893 1067720 1083624 1093697 1095472 1097775 1099805 1099808 1101644 1101645 1101651 1101656 1102379 1102400 1102410 1106812 1109673 1120943 1129271 1129272 1144902 1154212 1157763 1158442 1160770 1167231 1171475 1171847 1172105 1172116 1172121 1172265 1173027 1173576 1173613 1176262 1176410 1177143 CVE-2016-10507 CVE-2016-6328 CVE-2017-14039 CVE-2017-14040 CVE-2017-14041 CVE-2017-14164 CVE-2017-7544 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-1063 CVE-2018-10855 CVE-2018-10874 CVE-2018-10875 CVE-2018-1336 CVE-2018-17407 CVE-2018-20030 CVE-2018-2938 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3639 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 CVE-2019-10218 CVE-2019-15961 CVE-2019-20916 CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-5418 CVE-2019-5419 CVE-2019-9278 CVE-2020-0093 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-25219 CVE-2020-26154 CVE-2020-8177 SUSE-SU-2017:2649-1 SUSE-SU-2018:0926-1 SUSE-SU-2018:4130-1 SUSE-SU-2019:0915-1 SUSE-SU-2019:2890-1 SUSE-SU-2019:3177-1 SUSE-SU-2020:0051-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1732-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:2726-1 SUSE-SU-2020:2900-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libX11-1.6.5-lp150.2.3 is installed OR libX11-6-1.6.5-lp150.2.3 is installed OR libX11-6-32bit-1.6.5-lp150.2.3 is installed OR libX11-data-1.6.5-lp150.2.3 is installed OR libX11-devel-1.6.5-lp150.2.3 is installed OR libX11-devel-32bit-1.6.5-lp150.2.3 is installed OR libX11-xcb1-1.6.5-lp150.2.3 is installed OR libX11-xcb1-32bit-1.6.5-lp150.2.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.6 is installed OR bzip2-doc-1.0.6-lp151.5.6 is installed OR libbz2-1-1.0.6-lp151.5.6 is installed OR libbz2-1-32bit-1.0.6-lp151.5.6 is installed OR libbz2-devel-1.0.6-lp151.5.6 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.6 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information graphviz-2.40.1-lp152.7.4 is installed OR graphviz-addons-2.40.1-lp152.7.4 is installed OR graphviz-devel-2.40.1-lp152.7.4 is installed OR graphviz-doc-2.40.1-lp152.7.4 is installed OR graphviz-gd-2.40.1-lp152.7.4 is installed OR graphviz-gnome-2.40.1-lp152.7.4 is installed OR graphviz-guile-2.40.1-lp152.7.4 is installed OR graphviz-gvedit-2.40.1-lp152.7.4 is installed OR graphviz-java-2.40.1-lp152.7.4 is installed OR graphviz-lua-2.40.1-lp152.7.4 is installed OR graphviz-perl-2.40.1-lp152.7.4 is installed OR graphviz-php-2.40.1-lp152.7.4 is installed OR graphviz-plugins-core-2.40.1-lp152.7.4 is installed OR graphviz-python-2.40.1-lp152.7.4 is installed OR graphviz-ruby-2.40.1-lp152.7.4 is installed OR graphviz-smyrna-2.40.1-lp152.7.4 is installed OR graphviz-tcl-2.40.1-lp152.7.4 is installed OR libgraphviz6-2.40.1-lp152.7.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libopenjp2-7-2.1.0-4.6 is installed OR openjpeg2-2.1.0-4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND clamav-0.100.3-33.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information adns-1.4-103.3 is installed OR libadns1-1.4-103.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information tomcat-8.0.53-29.13 is installed OR tomcat-admin-webapps-8.0.53-29.13 is installed OR tomcat-docs-webapp-8.0.53-29.13 is installed OR tomcat-el-3_0-api-8.0.53-29.13 is installed OR tomcat-javadoc-8.0.53-29.13 is installed OR tomcat-jsp-2_3-api-8.0.53-29.13 is installed OR tomcat-lib-8.0.53-29.13 is installed OR tomcat-servlet-3_1-api-8.0.53-29.13 is installed OR tomcat-webapps-8.0.53-29.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libexif-0.6.22-8.9 is installed OR libexif12-0.6.22-8.9 is installed OR libexif12-32bit-0.6.22-8.9 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND ansible-2.4.6.0-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed

BACK