Oval Definition: oval:org.opensuse.security:def:70790
Revision Date: 2021-07-22
Version: 1
Title: Security update for transfig (Moderate)
Description:

This update for transfig fixes the following issues:

Update to version 3.2.8, including fixes for:

- CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef() (bsc#1186329).
- CVE-2019-19797: out-of-bounds write in read_colordef in read.c (bsc#1159293).
- CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf (bsc#1161698).
- CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130).
- CVE-2019-14275: stack-based buffer overflow in the calc_arrow function in bound.c (bsc#1143650).
Family: unix
Class: patch
Status:
Reference(s): 1143650
1159130
1159293
1161698
1176262
1186329
CVE-2014-3514
CVE-2019-14275
CVE-2019-19555
CVE-2019-19746
CVE-2019-19797
CVE-2019-20916
CVE-2021-3561
SUSE-SU-2020:2784-1
SUSE-SU-2021:2454-1
Platform(s): SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Python2 packages 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1 is installed
Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed
  • AND Package Information
    • python-pip-10.0.1-3.3 is installed
    • OR python2-pip-10.0.1-3.3 is installed
Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND transfig-3.2.8a-4.12.2 is installed