OVAL Reference oval:org.opensuse.security:def:941

Oval Definition:

oval:org.opensuse.security:def:941

Revision Date:	2022-02-17	Version:	1
Title:	Security update for tiff (Important)
Description:	This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031). - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365). - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312). - CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808). - CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809). - CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811). - CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812). - CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539).
Family:	unix	Class:	patch
Status:		Reference(s):	1071031 1154365 1182808 1182809 1182811 1182812 1190312 1194539 CVE-2011-3172 CVE-2011-3172 CVE-2016-9962 CVE-2017-17095 CVE-2018-16873 CVE-2018-16874 CVE-2018-16875 CVE-2019-16884 CVE-2019-17546 CVE-2019-18905 CVE-2019-19921 CVE-2019-5736 CVE-2020-19131 CVE-2020-35521 CVE-2020-35522 CVE-2020-35523 CVE-2020-35524 CVE-2022-22844 SUSE-SU-2022:0480-1
Platform(s):	openSUSE 13.2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Storage 7.1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information cron-4.2-55 is installed OR cronie-1.4.11-55 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libasan2-5.3.1+r233831-12 is installed OR libasan2-32bit-5.3.1+r233831-12 is installed OR libffi4-5.3.1+r233831-12 is installed OR libffi4-32bit-5.3.1+r233831-12 is installed OR libmpx0-5.3.1+r233831-12 is installed OR libmpx0-32bit-5.3.1+r233831-12 is installed OR libmpxwrappers0-5.3.1+r233831-12 is installed OR libmpxwrappers0-32bit-5.3.1+r233831-12 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP3 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND Package Information libtiff-devel-4.0.9-45.5.1 is installed OR libtiff5-4.0.9-45.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND Package Information autoyast2-4.3.77-1.1 is installed OR autoyast2-installation-4.3.77-1.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-sprockets-3.7.2-3.3 is installed OR rubygem-sprockets-3.7.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information libxmlsec1-gcrypt1-1.2.26-3.3 is installed OR libxmlsec1-gnutls1-1.2.26-3.3 is installed OR libxmlsec1-openssl1-1.2.26-3.3 is installed OR xmlsec1-1.2.26-3.3 is installed OR xmlsec1-gnutls-devel-1.2.26-3.3 is installed OR xmlsec1-openssl-devel-1.2.26-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 SP2 is installed AND Package Information docker-runc-1.0.0rc8+gitr3917_3e425f80a8c9-6.35 is installed OR runc-1.0.0~rc10-1.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-3.3 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-3.3 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-3.3 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information pam-modules-12.1-3 is installed OR pam-modules-32bit-12.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND kernel-livepatch-tools-1.1-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information ctdb-pcp-pmda-4.7.11+git.186.d75219614c3-4.30 is installed OR ctdb-tests-4.7.11+git.186.d75219614c3-4.30 is installed OR samba-4.7.11+git.186.d75219614c3-4.30 is installed OR samba-doc-4.7.11+git.186.d75219614c3-4.30 is installed OR samba-python-4.7.11+git.186.d75219614c3-4.30 is installed OR samba-test-4.7.11+git.186.d75219614c3-4.30 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.8 is installed OR kernel-azure-base-4.12.14-5.8 is installed OR kernel-azure-devel-4.12.14-5.8 is installed OR kernel-devel-azure-4.12.14-5.8 is installed OR kernel-source-azure-4.12.14-5.8 is installed OR kernel-syms-azure-4.12.14-5.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information qemu-2.11.2-9.4 is installed OR qemu-arm-2.11.2-9.4 is installed OR qemu-block-curl-2.11.2-9.4 is installed OR qemu-block-iscsi-2.11.2-9.4 is installed OR qemu-block-rbd-2.11.2-9.4 is installed OR qemu-block-ssh-2.11.2-9.4 is installed OR qemu-guest-agent-2.11.2-9.4 is installed OR qemu-ipxe-1.0.0-9.4 is installed OR qemu-kvm-2.11.2-9.4 is installed OR qemu-lang-2.11.2-9.4 is installed OR qemu-ppc-2.11.2-9.4 is installed OR qemu-s390-2.11.2-9.4 is installed OR qemu-seabios-1.11.0-9.4 is installed OR qemu-sgabios-8-9.4 is installed OR qemu-vgabios-1.11.0-9.4 is installed OR qemu-x86-2.11.2-9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information libmysqlclient18-10.0.11-6.4 is installed OR libmysqlclient18-32bit-10.0.11-6.4 is installed OR mariadb-10.0.11-6.4 is installed OR mariadb-client-10.0.11-6.4 is installed OR mariadb-errormessages-10.0.11-6.4 is installed OR mariadb-tools-10.0.11-6.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libhogweed2-2.7.1-9.1 is installed OR libhogweed2-32bit-2.7.1-9.1 is installed OR libnettle4-2.7.1-9.1 is installed OR libnettle4-32bit-2.7.1-9.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR kernel-default-extra-4.12.14-25.13 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND Package Information okular-17.12.3-bp150.3.3 is installed OR okular-devel-17.12.3-bp150.3.3 is installed OR okular-lang-17.12.3-bp150.3.3 is installed

BACK