Oval Definition:oval:org.opensuse.security:def:6165
Revision Date:2022-02-18Version:1
Title:Security update for tiff (Important)
Description:

This update for tiff fixes the following issues:

- CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031). - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365). - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312). - CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808). - CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809). - CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811). - CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812). - CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).
Family:unixClass:patch
Status:Reference(s):1071031
1154365
1182808
1182809
1182811
1182812
1188881
1188917
1189369
1189370
1190312
1194539
CVE-2004-2771
CVE-2009-4492
CVE-2010-0541
CVE-2011-1004
CVE-2011-1005
CVE-2011-1526
CVE-2011-2054
CVE-2011-4182
CVE-2011-4815
CVE-2011-4862
CVE-2012-1152
CVE-2012-1616
CVE-2012-2738
CVE-2012-6706
CVE-2013-4314
CVE-2013-6393
CVE-2013-6473
CVE-2013-6474
CVE-2013-6475
CVE-2013-6476
CVE-2014-2525
CVE-2014-2707
CVE-2014-4336
CVE-2014-4337
CVE-2014-4338
CVE-2014-7844
CVE-2014-9130
CVE-2014-9474
CVE-2015-2265
CVE-2015-3258
CVE-2015-3279
CVE-2015-5276
CVE-2015-7995
CVE-2015-8327
CVE-2015-8560
CVE-2015-9019
CVE-2016-4738
CVE-2017-16611
CVE-2017-17095
CVE-2017-2885
CVE-2017-5029
CVE-2018-12910
CVE-2019-17546
CVE-2020-19131
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2021-22930
CVE-2021-22931
CVE-2021-22939
CVE-2021-3672
CVE-2022-22844
SUSE-SU-2022:0496-1
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
openSUSE 13.2
openSUSE 13.2 NonFree
openSUSE Leap 42.1
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Build System Kit 12 SP2
SUSE Linux Enterprise Build System Kit 12 SP3
SUSE Linux Enterprise Build System Kit 12 SP4
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Workstation Extension 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND kernel-zfcpdump-3.12.39-47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND Package Information
  • ghostscript-mini-9.15-17 is installed
  • OR ghostscript-mini-devel-9.15-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP2 is installed
  • AND Package Information
  • libudev-mini-devel-228-150.7 is installed
  • OR libudev-mini1-228-150.7 is installed
  • OR systemd-mini-228-150.7 is installed
  • OR systemd-mini-devel-228-150.7 is installed
  • OR udev-mini-228-150.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP3 is installed
  • AND Package Information
  • krb5-mini-1.12.5-40.16 is installed
  • OR krb5-mini-devel-1.12.5-40.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP4 is installed
  • AND Package Information
  • libreoffice-6.0.5.2-43.38 is installed
  • OR libreoffice-sdk-6.0.5.2-43.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • ImageMagick-6.4.3.6-7.26.1 is installed
  • OR libMagick++1-6.4.3.6-7.26.1 is installed
  • OR libMagickCore1-6.4.3.6-7.26.1 is installed
  • OR libMagickCore1-32bit-6.4.3.6-7.26.1 is installed
  • OR libMagickWand1-6.4.3.6-7.26.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bash-3.2-147.22.1 is installed
  • OR bash-doc-3.2-147.22.1 is installed
  • OR libreadline5-5.2-147.22.1 is installed
  • OR libreadline5-32bit-5.2-147.22.1 is installed
  • OR readline-doc-5.2-147.22.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • tigervnc-1.3.0-22 is installed
  • OR xorg-x11-Xvnc-1.3.0-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND mailx-12.5-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND python-pyOpenSSL-16.0.0-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND argyllcms-1.6.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_61-52_66-default-5-3 is installed
  • OR kgraft-patch-3_12_61-52_66-xen-5-3 is installed
  • OR kgraft-patch-SLE12_Update_19-5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108.3 is installed
  • OR MozillaFirefox-branding-SLE-52-31.1 is installed
  • OR MozillaFirefox-devel-52.2.0esr-108.3 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND conntrack-tools-1.4.2-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND autofs-5.1.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_51-60_25-default-6-2 is installed
  • OR kgraft-patch-3_12_51-60_25-xen-6-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_2-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP3 is installed
  • AND Package Information
  • kgraft-patch-4_4_103-6_33-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_6-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND python-setuptools-1.1.7-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • cups154-1.5.4-5 is installed
  • OR cups154-client-1.5.4-5 is installed
  • OR cups154-filters-1.5.4-5 is installed
  • OR cups154-libs-1.5.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND python-PyYAML-3.10-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php7-7.0.7-15 is installed
  • OR php7-7.0.7-15 is installed
  • OR php7-bcmath-7.0.7-15 is installed
  • OR php7-bz2-7.0.7-15 is installed
  • OR php7-calendar-7.0.7-15 is installed
  • OR php7-ctype-7.0.7-15 is installed
  • OR php7-curl-7.0.7-15 is installed
  • OR php7-dba-7.0.7-15 is installed
  • OR php7-dom-7.0.7-15 is installed
  • OR php7-enchant-7.0.7-15 is installed
  • OR php7-exif-7.0.7-15 is installed
  • OR php7-fastcgi-7.0.7-15 is installed
  • OR php7-fileinfo-7.0.7-15 is installed
  • OR php7-fpm-7.0.7-15 is installed
  • OR php7-ftp-7.0.7-15 is installed
  • OR php7-gd-7.0.7-15 is installed
  • OR php7-gettext-7.0.7-15 is installed
  • OR php7-gmp-7.0.7-15 is installed
  • OR php7-iconv-7.0.7-15 is installed
  • OR php7-imap-7.0.7-15 is installed
  • OR php7-intl-7.0.7-15 is installed
  • OR php7-json-7.0.7-15 is installed
  • OR php7-ldap-7.0.7-15 is installed
  • OR php7-mbstring-7.0.7-15 is installed
  • OR php7-mcrypt-7.0.7-15 is installed
  • OR php7-mysql-7.0.7-15 is installed
  • OR php7-odbc-7.0.7-15 is installed
  • OR php7-opcache-7.0.7-15 is installed
  • OR php7-openssl-7.0.7-15 is installed
  • OR php7-pcntl-7.0.7-15 is installed
  • OR php7-pdo-7.0.7-15 is installed
  • OR php7-pear-7.0.7-15 is installed
  • OR php7-pear-Archive_Tar-7.0.7-15 is installed
  • OR php7-pgsql-7.0.7-15 is installed
  • OR php7-phar-7.0.7-15 is installed
  • OR php7-posix-7.0.7-15 is installed
  • OR php7-pspell-7.0.7-15 is installed
  • OR php7-shmop-7.0.7-15 is installed
  • OR php7-snmp-7.0.7-15 is installed
  • OR php7-soap-7.0.7-15 is installed
  • OR php7-sockets-7.0.7-15 is installed
  • OR php7-sqlite-7.0.7-15 is installed
  • OR php7-sysvmsg-7.0.7-15 is installed
  • OR php7-sysvsem-7.0.7-15 is installed
  • OR php7-sysvshm-7.0.7-15 is installed
  • OR php7-tokenizer-7.0.7-15 is installed
  • OR php7-wddx-7.0.7-15 is installed
  • OR php7-xmlreader-7.0.7-15 is installed
  • OR php7-xmlrpc-7.0.7-15 is installed
  • OR php7-xmlwriter-7.0.7-15 is installed
  • OR php7-xsl-7.0.7-15 is installed
  • OR php7-zip-7.0.7-15 is installed
  • OR php7-zlib-7.0.7-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND Package Information
  • bind-9.5.0P2-20.7.1 is installed
  • OR bind-chrootenv-9.5.0P2-20.7.1 is installed
  • OR bind-doc-9.5.0P2-20.7.1 is installed
  • OR bind-libs-9.5.0P2-20.7.1 is installed
  • OR bind-libs-32bit-9.5.0P2-20.7.1 is installed
  • OR bind-libs-x86-9.5.0P2-20.7.1 is installed
  • OR bind-utils-9.5.0P2-20.7.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND Package Information
  • apache2-2.2.12-1.28.1 is installed
  • OR apache2-doc-2.2.12-1.28.1 is installed
  • OR apache2-example-pages-2.2.12-1.28.1 is installed
  • OR apache2-prefork-2.2.12-1.28.1 is installed
  • OR apache2-utils-2.2.12-1.28.1 is installed
  • OR apache2-worker-2.2.12-1.28.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND
  • e2fsprogs-1.41.9-2.10.11.1 is installed
  • OR libblkid1-2.19.1-6.62.7 is installed
  • OR libblkid1-32bit-2.19.1-6.62.7 is installed
  • OR libblkid1-x86-2.19.1-6.62.7 is installed
  • OR libcom_err2-1.41.9-2.10.11.1 is installed
  • OR libcom_err2-32bit-1.41.9-2.10.11.1 is installed
  • OR libcom_err2-x86-1.41.9-2.10.11.1 is installed
  • OR libext2fs2-1.41.9-2.10.11.1 is installed
  • OR libuuid1-2.19.1-6.62.7 is installed
  • OR libuuid1-32bit-2.19.1-6.62.7 is installed
  • OR libuuid1-x86-2.19.1-6.62.7 is installed
  • OR uuid-runtime-2.19.1-6.62.7 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND
  • e2fsprogs-1.41.9-2.10.11.1 is installed
  • OR libblkid1-2.19.1-6.62.7 is installed
  • OR libblkid1-32bit-2.19.1-6.62.7 is installed
  • OR libblkid1-x86-2.19.1-6.62.7 is installed
  • OR libcom_err2-1.41.9-2.10.11.1 is installed
  • OR libcom_err2-32bit-1.41.9-2.10.11.1 is installed
  • OR libcom_err2-x86-1.41.9-2.10.11.1 is installed
  • OR libext2fs2-1.41.9-2.10.11.1 is installed
  • OR libuuid1-2.19.1-6.62.7 is installed
  • OR libuuid1-32bit-2.19.1-6.62.7 is installed
  • OR libuuid1-x86-2.19.1-6.62.7 is installed
  • OR uuid-runtime-2.19.1-6.62.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND kbd-1.14.1-16.31.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND enscript-1.6.4-152.22.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11-SECURITY is installed
  • AND Package Information
  • curl-openssl1-7.19.7-1.61.1 is installed
  • OR libcurl4-openssl1-7.19.7-1.61.1 is installed
  • OR libcurl4-openssl1-32bit-7.19.7-1.61.1 is installed
  • OR libcurl4-openssl1-x86-7.19.7-1.61.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND kbd-1.15.5-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libdcerpc-binding0-4.2.4-4 is installed
  • OR libdcerpc-binding0-32bit-4.2.4-4 is installed
  • OR libdcerpc0-4.2.4-4 is installed
  • OR libdcerpc0-32bit-4.2.4-4 is installed
  • OR libgensec0-4.2.4-4 is installed
  • OR libgensec0-32bit-4.2.4-4 is installed
  • OR libndr-krb5pac0-4.2.4-4 is installed
  • OR libndr-krb5pac0-32bit-4.2.4-4 is installed
  • OR libndr-nbt0-4.2.4-4 is installed
  • OR libndr-nbt0-32bit-4.2.4-4 is installed
  • OR libndr-standard0-4.2.4-4 is installed
  • OR libndr-standard0-32bit-4.2.4-4 is installed
  • OR libndr0-4.2.4-4 is installed
  • OR libndr0-32bit-4.2.4-4 is installed
  • OR libnetapi0-4.2.4-4 is installed
  • OR libnetapi0-32bit-4.2.4-4 is installed
  • OR libregistry0-4.2.4-4 is installed
  • OR libsamba-credentials0-4.2.4-4 is installed
  • OR libsamba-credentials0-32bit-4.2.4-4 is installed
  • OR libsamba-hostconfig0-4.2.4-4 is installed
  • OR libsamba-hostconfig0-32bit-4.2.4-4 is installed
  • OR libsamba-passdb0-4.2.4-4 is installed
  • OR libsamba-passdb0-32bit-4.2.4-4 is installed
  • OR libsamba-util0-4.2.4-4 is installed
  • OR libsamba-util0-32bit-4.2.4-4 is installed
  • OR libsamdb0-4.2.4-4 is installed
  • OR libsamdb0-32bit-4.2.4-4 is installed
  • OR libsmbclient-raw0-4.2.4-4 is installed
  • OR libsmbclient-raw0-32bit-4.2.4-4 is installed
  • OR libsmbclient0-4.2.4-4 is installed
  • OR libsmbclient0-32bit-4.2.4-4 is installed
  • OR libsmbconf0-4.2.4-4 is installed
  • OR libsmbconf0-32bit-4.2.4-4 is installed
  • OR libsmbldap0-4.2.4-4 is installed
  • OR libsmbldap0-32bit-4.2.4-4 is installed
  • OR libtevent-util0-4.2.4-4 is installed
  • OR libtevent-util0-32bit-4.2.4-4 is installed
  • OR libwbclient0-4.2.4-4 is installed
  • OR libwbclient0-32bit-4.2.4-4 is installed
  • OR samba-4.2.4-4 is installed
  • OR samba-32bit-4.2.4-4 is installed
  • OR samba-client-4.2.4-4 is installed
  • OR samba-client-32bit-4.2.4-4 is installed
  • OR samba-doc-4.2.4-4 is installed
  • OR samba-libs-4.2.4-4 is installed
  • OR samba-libs-32bit-4.2.4-4 is installed
  • OR samba-winbind-4.2.4-4 is installed
  • OR samba-winbind-32bit-4.2.4-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND clamav-0.99.2-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • libtiff5-4.0.9-44.45.1 is installed
  • OR libtiff5-32bit-4.0.9-44.45.1 is installed
  • OR tiff-4.0.9-44.45.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • libtiff5-4.0.9-44.45.1 is installed
  • OR libtiff5-32bit-4.0.9-44.45.1 is installed
  • OR tiff-4.0.9-44.45.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • libsoup-2_4-1-2.54.1-4 is installed
  • OR libsoup-lang-2.54.1-4 is installed
  • OR typelib-1_0-Soup-2_4-2.54.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND Package Information
  • openssh-7.2p2-74.42 is installed
  • OR openssh-askpass-gnome-7.2p2-74.42 is installed
  • OR openssh-fips-7.2p2-74.42 is installed
  • OR openssh-helpers-7.2p2-74.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND apache2-mod_security2-2.7.1-0.2.14.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-31.8.0esr-0.13.2 is installed
  • OR MozillaFirefox-devel-31.8.0esr-0.13.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • libapr-util1-1.3.4-12.22.23.1 is installed
  • OR libapr-util1-devel-1.3.4-12.22.23.1 is installed
  • OR libapr-util1-devel-32bit-1.3.4-12.22.23.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND alsa-devel-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND MozillaFirefox-devel-38.4.0esr-51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND apache2-devel-2.4.23-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND Package Information
  • bsh2-2.0.0.b5-3 is installed
  • OR bsh2-classgen-2.0.0.b5-3 is installed
  • OR bsh2-javadoc-2.0.0.b5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP4 is installed
  • AND libwmf-0_2-7-0.2.8.4-242 is installed
    • BACK