Oval Definition:oval:org.opensuse.security:def:88697
Revision Date:2019-06-21Version:1
Title:Security update for netpbm (Moderate)
Description:

This update for netpbm fixes the following issues:

Security issues fixed:

- CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file (bsc#1086777). - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288). - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291).

- create netpbm-vulnerable subpackage and move pstopnm there (bsc#1136936)

Family:unixClass:patch
Status:Reference(s):1024288
1024291
1086777
1136936
CVE-2017-2579
CVE-2017-2580
CVE-2018-8975
SUSE-SU-2019:1645-1
Platform(s):SUSE Linux Enterprise Server 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libnetpbm11-10.66.3-8.7.2 is installed
  • OR libnetpbm11-32bit-10.66.3-8.7.2 is installed
  • OR netpbm-10.66.3-8.7.2 is installed
  • BACK