Oval Definition:	oval:org.opensuse.security:def:64027
Revision Date: 2020-12-01 Version: 1 Title: Security update for exiv2 (Moderate) Description: This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory() which might have led to denial of service (bsc#1110282). - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which might have led to denial of service (bsc#1142678). - CVE-2019-13113: Fixed a potential denial of service via an invalid data location in a CRW image (bsc#1142683). - CVE-2019-17402: Fixed an improper validation of the relationship of the total size to the offset and size in Exiv2::getULong (bsc#1153577). - CVE-2019-20421: Fixed an infinite loop triggered via an input file (bsc#1161901). - CVE-2017-9239: Fixed a segmentation fault in TiffImageEntry::doWriteImage function (bsc#1040973). Family: unix Class: patch Status: Reference(s): 1040973 1058115 1065729 1071995 1085030 1110282 1134157 1134853 1137443 1139210 1141689 1142678 1142683 1143463 1143777 1143817 1143818 1143819 1143820 1143821 1143823 1143824 1143825 1143827 1143828 1143830 1143831 1144656 1144675 1146065 1146068 1146111 1146115 1146123 1146211 1146212 1146213 1148868 1151781 1151782 1151783 1151784 1151785 1151786 1152472 1152489 1153274 1153577 1154353 1154492 1155518 1155798 1156395 1157169 1158050 1158242 1158265 1158748 1158763 1158765 1159781 1159856 1159858 1159860 1159867 1160250 1160251 1160947 1160968 1161495 1161901 1162002 1162063 1162198 1162400 1164648 1164777 1164780 1165211 1165975 1166985 1167104 1167209 1167651 1168230 1168779 1168838 1169021 1169194 1169514 1169681 1170011 1170442 1170774 1170879 1170891 1170895 1171189 1171191 1171219 1171220 1171246 1171417 1171513 1171530 1171662 1171688 1171699 1171739 1171743 1171759 1171828 1171868 1171904 1171915 1171982 1171983 1172017 1172046 1172061 1172062 1172063 1172064 1172065 1172066 1172067 1172068 1172069 1172073 1172086 1172095 1172169 1172170 1172208 1172223 1172342 1172343 1172344 1172365 1172366 1172374 1172391 1172393 1172394 1172453 1172458 1172467 1172484 1172537 1172719 1172739 1172751 1172759 1172775 1172781 1172782 1172783 1172814 1172823 1172841 1172938 1172939 1172940 1172956 1172983 1172984 1172985 1172986 1172987 1172988 1172989 1172990 1172999 1173060 1173068 1173085 1173139 1173206 1173271 1173280 1173428 1173438 1173461 1174633 1174635 1174638 CVE-2017-9239 CVE-2018-17581 CVE-2019-11059 CVE-2019-11690 CVE-2019-12735 CVE-2019-13103 CVE-2019-13104 CVE-2019-13106 CVE-2019-13110 CVE-2019-13113 CVE-2019-14192 CVE-2019-14193 CVE-2019-14194 CVE-2019-14195 CVE-2019-14196 CVE-2019-14197 CVE-2019-14198 CVE-2019-14199 CVE-2019-14200 CVE-2019-14201 CVE-2019-14202 CVE-2019-14203 CVE-2019-14204 CVE-2019-14809 CVE-2019-14980 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 CVE-2019-15141 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-16708 CVE-2019-16709 CVE-2019-16710 CVE-2019-16711 CVE-2019-16712 CVE-2019-16713 CVE-2019-17402 CVE-2019-18900 CVE-2019-19462 CVE-2019-20421 CVE-2019-20810 CVE-2019-20812 CVE-2019-9512 CVE-2019-9514 CVE-2020-10648 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-12656 CVE-2020-12769 CVE-2020-12888 CVE-2020-13143 CVE-2020-13974 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14416 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-8432 openSUSE-SU-2019:1561-1 openSUSE-SU-2019:2056-1 openSUSE-SU-2019:2515-1 openSUSE-SU-2020:0087-1 openSUSE-SU-2020:0147-1 openSUSE-SU-2020:0935-1 SUSE-SU-2020:0860-1 SUSE-SU-2020:3256-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gvim-8.0.1568-lp151.5.3 is installed OR vim-8.0.1568-lp151.5.3 is installed OR vim-data-8.0.1568-lp151.5.3 is installed OR vim-data-common-8.0.1568-lp151.5.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information kernel-debug-5.3.18-lp152.26 is installed OR kernel-debug-devel-5.3.18-lp152.26 is installed OR kernel-default-5.3.18-lp152.26 is installed OR kernel-default-base-5.3.18-lp152.26.2.lp152.8.2 is installed OR kernel-default-base-rebuild-5.3.18-lp152.26.2.lp152.8.2 is installed OR kernel-default-devel-5.3.18-lp152.26 is installed OR kernel-devel-5.3.18-lp152.26 is installed OR kernel-docs-5.3.18-lp152.26 is installed OR kernel-docs-html-5.3.18-lp152.26 is installed OR kernel-kvmsmall-5.3.18-lp152.26 is installed OR kernel-kvmsmall-devel-5.3.18-lp152.26 is installed OR kernel-macros-5.3.18-lp152.26 is installed OR kernel-obs-build-5.3.18-lp152.26 is installed OR kernel-obs-qa-5.3.18-lp152.26 is installed OR kernel-preempt-5.3.18-lp152.26 is installed OR kernel-preempt-devel-5.3.18-lp152.26 is installed OR kernel-source-5.3.18-lp152.26 is installed OR kernel-source-vanilla-5.3.18-lp152.26 is installed OR kernel-syms-5.3.18-lp152.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information exiv2-0.23-12.8 is installed OR libexiv2-12-0.23-12.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libzypp-16.21.2-2.45 is installed OR libzypp-devel-16.21.2-2.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information u-boot-2018.03-4.3 is installed OR u-boot-rpi3-2018.03-4.3 is installed OR u-boot-tools-2018.03-4.3 is installed
BACK