Revision Date: | 2021-06-04 | Version: | 1 |
Title: | Security update for libwebp (Critical) |
Description: |
This update for libwebp fixes the following issues:
- CVE-2018-25010: Fixed heap-based buffer overflow in ApplyFilter() (bsc#1185685). - CVE-2020-36330: Fixed heap-based buffer overflow in ChunkVerifyAndAssign() (bsc#1185691). - CVE-2020-36332: Fixed extreme memory allocation when reading a file (bsc#1185674). - CVE-2020-36329: Fixed use-after-free in EmitFancyRGB() (bsc#1185652). - CVE-2018-25012: Fixed heap-based buffer overflow in GetLE24() (bsc#1185690). - CVE-2020-36328: Fixed heap-based buffer overflow in WebPDecode*Into functions (bsc#1185688). - CVE-2018-25013: Fixed heap-based buffer overflow in ShiftBytes() (bsc#1185654). - CVE-2020-36331: Fixed heap-based buffer overflow in ChunkAssignData() (bsc#1185686). - CVE-2018-25009: Fixed heap-based buffer overflow in GetLE16() (bsc#1185673). - CVE-2018-25011: Fixed fail on multiple image chunks (bsc#1186247).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1173274 1185652 1185654 1185673 1185674 1185685 1185686 1185688 1185690 1185691 1186247 CVE-2014-4671 CVE-2014-7818 CVE-2014-7829 CVE-2016-2098 CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013 CVE-2019-5418 CVE-2019-5419 CVE-2020-14422 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 SUSE-SU-2020:1920-1 SUSE-SU-2021:1860-1
|
Platform(s): | SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Workstation Extension 15 SP2
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise High Availability 15 SP1 is installed AND ruby2.5-rubygem-actionpack-5_1-5.1.4-3.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed
AND python-ipaddress-1.0.18-3.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND libwebp6-0.5.0-3.5.1 is installed
|