Oval Definition:oval:org.opensuse.security:def:63943
Revision Date:2020-12-01Version:1
Title:Security update for libexif (Moderate)
Description:

This update for libexif fixes the following issues:

Security issues fixed:

- CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file (bsc#1055857). - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c (bsc#1059893). - CVE-2018-20030: Fixed a denial of service by endless recursion (bsc#1120943). - CVE-2019-9278: Fixed an integer overflow (bsc#1160770). - CVE-2020-0093: Fixed an out-of-bounds read in exif_data_save_data_entry (bsc#1171847). - CVE-2020-12767: Fixed a divide-by-zero error in exif_entry_get_value (bsc#1171475). - CVE-2020-13112: Fixed a time consumption DoS when parsing canon array markers (bsc#1172121). - CVE-2020-13113: Fixed a potential use of uninitialized memory (bsc#1172105). - CVE-2020-13114: Fixed various buffer overread fixes due to integer overflows in maker notes (bsc#1172116).

Non-security issues fixed:

- libexif was updated to version 0.6.22: * New translations: ms * Updated translations for most languages * Some useful EXIF 2.3 tag added: * EXIF_TAG_GAMMA * EXIF_TAG_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE * EXIF_TAG_GPS_H_POSITIONING_ERROR * EXIF_TAG_CAMERA_OWNER_NAME * EXIF_TAG_BODY_SERIAL_NUMBER * EXIF_TAG_LENS_SPECIFICATION * EXIF_TAG_LENS_MAKE * EXIF_TAG_LENS_MODEL * EXIF_TAG_LENS_SERIAL_NUMBER
Family:unixClass:patch
Status:Reference(s):1055857
1059893
1120943
1129059
1133313
1134218
1137332
1138287
1141322
1144065
1158527
1159819
1160770
1160888
1167976
1171186
1171475
1171847
1172105
1172116
1172121
1173948
1173986
1174189
1174420
1174538
1176631
1176756
CVE-2016-6328
CVE-2017-7544
CVE-2018-20030
CVE-2019-10214
CVE-2019-11745
CVE-2019-14907
CVE-2019-17006
CVE-2019-5787
CVE-2019-5788
CVE-2019-5789
CVE-2019-5790
CVE-2019-5791
CVE-2019-5792
CVE-2019-5793
CVE-2019-5794
CVE-2019-5795
CVE-2019-5796
CVE-2019-5797
CVE-2019-5798
CVE-2019-5799
CVE-2019-5800
CVE-2019-5801
CVE-2019-5802
CVE-2019-5803
CVE-2019-5804
CVE-2019-5805
CVE-2019-5806
CVE-2019-5807
CVE-2019-5808
CVE-2019-5809
CVE-2019-5810
CVE-2019-5811
CVE-2019-5812
CVE-2019-5813
CVE-2019-5814
CVE-2019-5815
CVE-2019-5816
CVE-2019-5817
CVE-2019-5818
CVE-2019-5819
CVE-2019-5820
CVE-2019-5821
CVE-2019-5822
CVE-2019-5823
CVE-2019-5824
CVE-2019-5827
CVE-2019-5828
CVE-2019-5829
CVE-2019-5830
CVE-2019-5831
CVE-2019-5832
CVE-2019-5833
CVE-2019-5834
CVE-2019-5835
CVE-2019-5836
CVE-2019-5837
CVE-2019-5838
CVE-2019-5839
CVE-2019-5840
CVE-2019-5842
CVE-2019-9278
CVE-2020-0093
CVE-2020-12387
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-12397
CVE-2020-12767
CVE-2020-13112
CVE-2020-13113
CVE-2020-13114
CVE-2020-15652
CVE-2020-15653
CVE-2020-15654
CVE-2020-15655
CVE-2020-15656
CVE-2020-15657
CVE-2020-15658
CVE-2020-15659
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-6463
CVE-2020-6510
CVE-2020-6511
CVE-2020-6512
CVE-2020-6513
CVE-2020-6514
CVE-2020-6515
CVE-2020-6516
CVE-2020-6517
CVE-2020-6518
CVE-2020-6519
CVE-2020-6520
CVE-2020-6521
CVE-2020-6522
CVE-2020-6523
CVE-2020-6524
CVE-2020-6525
CVE-2020-6526
CVE-2020-6527
CVE-2020-6528
CVE-2020-6529
CVE-2020-6530
CVE-2020-6531
CVE-2020-6533
CVE-2020-6534
CVE-2020-6535
CVE-2020-6536
CVE-2020-6831
openSUSE-SU-2019:1666-1
openSUSE-SU-2019:2137-1
openSUSE-SU-2020:0643-1
openSUSE-SU-2020:1021-1
openSUSE-SU-2020:1574-1
SUSE-SU-2020:0088-1
SUSE-SU-2020:0233-1
SUSE-SU-2020:1534-1
SUSE-SU-2020:2100-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-75.0.3770.90-2 is installed
  • OR chromium-75.0.3770.90-2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • MozillaFirefox-78.3.0-lp152.2.21 is installed
  • OR MozillaFirefox-branding-upstream-78.3.0-lp152.2.21 is installed
  • OR MozillaFirefox-buildsymbols-78.3.0-lp152.2.21 is installed
  • OR MozillaFirefox-devel-78.3.0-lp152.2.21 is installed
  • OR MozillaFirefox-translations-common-78.3.0-lp152.2.21 is installed
  • OR MozillaFirefox-translations-other-78.3.0-lp152.2.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libexif-0.6.22-8.9 is installed
  • OR libexif12-0.6.22-8.9 is installed
  • OR libexif12-32bit-0.6.22-8.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND bcm43xx-firmware-20180314-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • MozillaFirefox-78.1.0-112.8 is installed
  • OR MozillaFirefox-devel-78.1.0-112.8 is installed
  • OR MozillaFirefox-translations-common-78.1.0-112.8 is installed
  • BACK