SUSE 5153

The following updates have been released for openSUSE:

openSUSE-SU-2018:3369-1: moderate: Security update for pam_pkcs11
openSUSE-SU-2018:3370-1: moderate: Security update for tiff
openSUSE-SU-2018:3371-1: moderate: Security update for tiff
openSUSE-SU-2018:3372-1: moderate: Security update for udisks2
openSUSE-SU-2018:3373-1: moderate: Security update for rpm
openSUSE-SU-2018:3375-1: moderate: Security update for pam_pkcs11
openSUSE-SU-2018:3381-1: important: Security update for net-snmp
openSUSE-SU-2018:3384-1: moderate: Security update for apache-pdfbox
openSUSE-SU-2018:3396-1: important: Security update for Chromium



openSUSE-SU-2018:3369-1: moderate: Security update for pam_pkcs11

openSUSE Security Update: Security update for pam_pkcs11
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3369-1
Rating: moderate
References: #1049219 #1105012
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for pam_pkcs11 provides the following fixes:

Security issues fixed (bsc#1105012):

- Fixed a logic bug in pam_pkcs11.c that allowed an authentication to be
replayed with a specially prepared smartcard or token
- Fixed a stack-based buffer overflow in openssh_mapper.c, triggered by a
home directory path longer than 512 bytes
- Make sure memory is properly cleaned before invoking free()

Other changes:

- Add a systemd service file. (bsc#1049219)

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1244=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

pam_pkcs11-0.6.8-13.3.1
pam_pkcs11-debuginfo-0.6.8-13.3.1
pam_pkcs11-debugsource-0.6.8-13.3.1

- openSUSE Leap 42.3 (x86_64):

pam_pkcs11-32bit-0.6.8-13.3.1
pam_pkcs11-debuginfo-32bit-0.6.8-13.3.1


References:

https://bugzilla.suse.com/1049219
https://bugzilla.suse.com/1105012
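Whether a host has actually received one of these fixes is decided by comparing the installed package's version-release against the build in the advisory's Package List, using rpm's own ordering rules rather than a plain string comparison. The script below is an added example for this digest, not code from openSUSE or the SUSE update infrastructure: it reimplements the rpmvercmp ordering (numeric segments compare as integers, alphabetic segments as strings, a numeric segment outranks an alphabetic one at the same position, and the string with segments left over wins) so that it runs without librpm, and it assumes the packages carry no epoch, which holds for every build listed here. The installed package names in it are constructed sample data, not output from a real system; on a real host they would come from rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'.

```python
"""Check whether installed openSUSE packages carry the fixes listed in an
advisory's Package List.

Added example, not part of the openSUSE advisory. It reimplements rpm's
version ordering (rpmvercmp) so it runs without librpm, and assumes the
packages have no epoch (true for every build listed in this digest).
"""
import re

# A version string is compared segment by segment; separators are ignored.
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Return -1, 0 or 1 as version/release string a is older than, equal
    to, or newer than b, following rpmvercmp's rules. The '~' and '^'
    pre-release markers are not handled (none of the listed builds use them)."""
    if a == b:
        return 0
    seg_a = _SEGMENT.findall(a)
    seg_b = _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num != y_num:
            # A numeric segment is always newer than an alphabetic one.
            return 1 if x_num else -1
        if x_num:
            xi, yi = int(x), int(y)      # numeric: compare as integers
            if xi != yi:
                return 1 if xi > yi else -1
        elif x != y:                     # alphabetic: plain string order
            return 1 if x > y else -1
    # All shared segments equal: whichever string has segments left over wins.
    if len(seg_a) == len(seg_b):
        return 0
    return 1 if len(seg_a) > len(seg_b) else -1


def split_nvr(nvr):
    """Split 'name-version-release' from the right, because package names may
    themselves contain hyphens (e.g. libtiff-devel-32bit) while version and
    release never do."""
    name_ver, _, release = nvr.rpartition("-")
    name, _, version = name_ver.rpartition("-")
    if not (name and version and release):
        raise ValueError("not a name-version-release string: %r" % nvr)
    return name, version, release


def vr_cmp(installed, fixed):
    """Compare (version, release) pairs: version first, release breaks ties."""
    c = rpmvercmp(installed[0], fixed[0])
    return c if c else rpmvercmp(installed[1], fixed[1])


def audit(installed_nvrs, fixed_nvrs):
    """Map each installed package that the advisory lists to True when the
    installed build is at least the fixed one, False when it is older.
    Packages the advisory does not mention are not reported."""
    fixed = {}
    for nvr in fixed_nvrs:
        name, version, release = split_nvr(nvr)
        fixed[name] = (version, release)
    result = {}
    for nvr in installed_nvrs:
        name, version, release = split_nvr(nvr)
        if name in fixed:
            result[name] = vr_cmp((version, release), fixed[name]) >= 0
    return result


# Fixed builds, copied from the Leap 42.3 Package Lists in this digest.
FIXED = ["pam_pkcs11-0.6.8-13.3.1", "libtiff5-4.0.9-37.1", "rpm-4.11.2-14.10.1"]

# Constructed sample of what `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'`
# might print on a Leap 42.3 host; not captured from a real system.
INSTALLED = [
    "pam_pkcs11-0.6.8-13.2.1",   # older release: fix not present
    "libtiff5-4.0.9-37.1",       # exactly the fixed build
    "rpm-4.11.2-14.10.3",        # later rebuild of the fixed build
    "bash-4.3-83.17.1",          # not covered by any advisory here
]

if __name__ == "__main__":
    for name, ok in sorted(audit(INSTALLED, FIXED).items()):
        print("%-12s %s" % (name, "fixed" if ok else "STILL VULNERABLE"))
```

Compare only against the Package List of the product that is actually installed: the Leap 15.0 builds carry releases such as lp150.4.6.1, whose leading alphabetic segment sorts below any purely numeric Leap 42.3 release under these rules, so mixing the two lists produces meaningless results. A later rebuild with a higher release (as in the rpm sample above) still counts as fixed, since the patched build is the lower bound, not an exact match.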

--


openSUSE-SU-2018:3370-1: moderate: Security update for tiff

openSUSE Security Update: Security update for tiff
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3370-1
Rating: moderate
References: #1092480 #1106853 #1108627 #1108637 #1110358

Cross-References: CVE-2018-10779 CVE-2018-16335 CVE-2018-17100
CVE-2018-17101 CVE-2018-17795
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based buffer
over-read, as demonstrated by bmp2tiff. (bsc#1092480)
- CVE-2018-17100: There is an int32 overflow in multiply_ms in
tools/ppm2tiff.c, which can cause a denial of service (crash) or
possibly have unspecified other impact via a crafted image file.
(bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in
tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service
(application crash) or possibly have unspecified other impact via a
crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote
attackers to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in
tif_dirread.c allowed remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted TIFF file, as demonstrated by
tiff2pdf. This is a different vulnerability than CVE-2018-15209.
(bsc#1106853)


This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1242=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

libtiff-devel-4.0.9-lp150.4.6.1
libtiff5-4.0.9-lp150.4.6.1
libtiff5-debuginfo-4.0.9-lp150.4.6.1
tiff-4.0.9-lp150.4.6.1
tiff-debuginfo-4.0.9-lp150.4.6.1
tiff-debugsource-4.0.9-lp150.4.6.1

- openSUSE Leap 15.0 (x86_64):

libtiff-devel-32bit-4.0.9-lp150.4.6.1
libtiff5-32bit-4.0.9-lp150.4.6.1
libtiff5-32bit-debuginfo-4.0.9-lp150.4.6.1


References:

https://www.suse.com/security/cve/CVE-2018-10779.html
https://www.suse.com/security/cve/CVE-2018-16335.html
https://www.suse.com/security/cve/CVE-2018-17100.html
https://www.suse.com/security/cve/CVE-2018-17101.html
https://www.suse.com/security/cve/CVE-2018-17795.html
https://bugzilla.suse.com/1092480
https://bugzilla.suse.com/1106853
https://bugzilla.suse.com/1108627
https://bugzilla.suse.com/1108637
https://bugzilla.suse.com/1110358

--


openSUSE-SU-2018:3371-1: moderate: Security update for tiff

openSUSE Security Update: Security update for tiff
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3371-1
Rating: moderate
References: #1106853 #1108627 #1108637 #1110358
Cross-References: CVE-2017-11613 CVE-2017-9935 CVE-2018-16335
CVE-2018-17100 CVE-2018-17101 CVE-2018-17795

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for tiff fixes the following issues:

- CVE-2018-17100: There is an int32 overflow in multiply_ms in
tools/ppm2tiff.c, which can cause a denial of service (crash) or
possibly have unspecified other impact via a crafted image file.
(bsc#1108637)
- CVE-2018-17101: There are two out-of-bounds writes in cpTags in
tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service
(application crash) or possibly have unspecified other impact via a
crafted image file. (bsc#1108627)
- CVE-2018-17795: The function t2p_write_pdf in tiff2pdf.c allowed remote
attackers to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted TIFF file, a similar issue to CVE-2017-9935. (bsc#1110358)
- CVE-2018-16335: newoffsets handling in ChopUpSingleUncompressedStrip in
tif_dirread.c allowed remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted TIFF file, as demonstrated by
tiff2pdf. This is a different vulnerability than CVE-2018-15209.
(bsc#1106853)

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1249=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

libtiff-devel-4.0.9-37.1
libtiff5-4.0.9-37.1
libtiff5-debuginfo-4.0.9-37.1
tiff-4.0.9-37.1
tiff-debuginfo-4.0.9-37.1
tiff-debugsource-4.0.9-37.1

- openSUSE Leap 42.3 (x86_64):

libtiff-devel-32bit-4.0.9-37.1
libtiff5-32bit-4.0.9-37.1
libtiff5-debuginfo-32bit-4.0.9-37.1


References:

https://www.suse.com/security/cve/CVE-2017-11613.html
https://www.suse.com/security/cve/CVE-2017-9935.html
https://www.suse.com/security/cve/CVE-2018-16335.html
https://www.suse.com/security/cve/CVE-2018-17100.html
https://www.suse.com/security/cve/CVE-2018-17101.html
https://www.suse.com/security/cve/CVE-2018-17795.html
https://bugzilla.suse.com/1106853
https://bugzilla.suse.com/1108627
https://bugzilla.suse.com/1108637
https://bugzilla.suse.com/1110358

--


openSUSE-SU-2018:3372-1: moderate: Security update for udisks2

openSUSE Security Update: Security update for udisks2
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3372-1
Rating: moderate
References: #1091274 #1109406
Cross-References: CVE-2018-17336
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves one vulnerability and has one fix
is now available.

Description:

This update for udisks2 fixes the following issues:

The following security issue was fixed:

- CVE-2018-17336: A format string vulnerability in udisks_log (bsc#1109406)

The following non-security issues were fixed:

- Strip trailing newline from sysfs RAID level information (bsc#1091274)
- Fix watcher error for non-redundant RAID devices (bsc#1091274)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1247=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

libudisks2-0-2.6.5-lp150.2.3.1
libudisks2-0-debuginfo-2.6.5-lp150.2.3.1
typelib-1_0-UDisks-2_0-2.6.5-lp150.2.3.1
udisks2-2.6.5-lp150.2.3.1
udisks2-debuginfo-2.6.5-lp150.2.3.1
udisks2-debugsource-2.6.5-lp150.2.3.1
udisks2-devel-2.6.5-lp150.2.3.1

- openSUSE Leap 15.0 (noarch):

udisks2-lang-2.6.5-lp150.2.3.1


References:

https://www.suse.com/security/cve/CVE-2018-17336.html
https://bugzilla.suse.com/1091274
https://bugzilla.suse.com/1109406

--


openSUSE-SU-2018:3373-1: moderate: Security update for rpm

openSUSE Security Update: Security update for rpm
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3373-1
Rating: moderate
References: #1077692 #943457
Cross-References: CVE-2017-7500 CVE-2017-7501
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for rpm fixes the following issues:

These security issues were fixed:

- CVE-2017-7500: rpm did not properly handle RPM installations when a
destination path was a symbolic link to a directory, possibly changing
ownership and permissions of an arbitrary directory, and RPM files being
placed in an arbitrary destination (bsc#943457).
- CVE-2017-7501: rpm used temporary files with predictable names when
installing an RPM. An attacker with ability to write in a directory
where files will be installed could create symbolic links to an
arbitrary location and modify content, and possibly permissions to
arbitrary files, which could be used for denial of service or possibly
privilege escalation (bsc#943457)

This non-security issue was fixed:

- Use ksym-provides tool (bsc#1077692)

This update was imported from the SUSE:SLE-12:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1246=1



Package List:

- openSUSE Leap 42.3 (i586 x86_64):

python3-rpm-4.11.2-14.10.1
python3-rpm-debuginfo-4.11.2-14.10.1
python3-rpm-debugsource-4.11.2-14.10.1
rpm-4.11.2-14.10.1
rpm-build-4.11.2-14.10.1
rpm-build-debuginfo-4.11.2-14.10.1
rpm-debuginfo-4.11.2-14.10.1
rpm-debugsource-4.11.2-14.10.1
rpm-devel-4.11.2-14.10.1
rpm-python-4.11.2-14.10.1
rpm-python-debuginfo-4.11.2-14.10.1
rpm-python-debugsource-4.11.2-14.10.1

- openSUSE Leap 42.3 (x86_64):

rpm-32bit-4.11.2-14.10.1
rpm-debuginfo-32bit-4.11.2-14.10.1


References:

https://www.suse.com/security/cve/CVE-2017-7500.html
https://www.suse.com/security/cve/CVE-2017-7501.html
https://bugzilla.suse.com/1077692
https://bugzilla.suse.com/943457

--


openSUSE-SU-2018:3375-1: moderate: Security update for pam_pkcs11

openSUSE Security Update: Security update for pam_pkcs11
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3375-1
Rating: moderate
References: #1105012
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for pam_pkcs11 fixes the following security issues:

- It was possible to replay an authentication by using a specially
prepared smartcard or token (bsc#1105012)
- Prevent a buffer overflow if a user's home directory path is longer than
512 bytes (bsc#1105012)
- Memory not cleaned properly before free() (bsc#1105012)

This non-security issue was fixed:

- Fix segfault and fetch problems when checking CRLs

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1250=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

pam_pkcs11-0.6.9-lp150.2.3.1
pam_pkcs11-debuginfo-0.6.9-lp150.2.3.1
pam_pkcs11-debugsource-0.6.9-lp150.2.3.1
pam_pkcs11-devel-doc-0.6.9-lp150.2.3.1

- openSUSE Leap 15.0 (x86_64):

pam_pkcs11-32bit-0.6.9-lp150.2.3.1
pam_pkcs11-32bit-debuginfo-0.6.9-lp150.2.3.1


References:

https://bugzilla.suse.com/1105012

--


openSUSE-SU-2018:3381-1: important: Security update for net-snmp

openSUSE Security Update: Security update for net-snmp
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3381-1
Rating: important
References: #1027353 #1081164 #1102775 #1111122
Cross-References: CVE-2018-18065
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves one vulnerability and has three fixes
is now available.

Description:

This update for net-snmp fixes the following issues:

Security issues fixed:

- CVE-2018-18065: _set_key in agent/helpers/table_container.c had a NULL
pointer dereference that an authenticated attacker could trigger remotely
with a crafted UDP packet, crashing the instance (denial of service).
(bsc#1111122)

Non-security issues fixed:

- swintst_rpm: Protect against unspecified Group name (bsc#1102775)
- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
- Fix agentx freezing on timeout (bsc#1027353)

This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-1243=1



Package List:

- openSUSE Leap 15.0 (i586 x86_64):

libsnmp30-5.7.3-lp150.6.3.1
libsnmp30-debuginfo-5.7.3-lp150.6.3.1
net-snmp-5.7.3-lp150.6.3.1
net-snmp-debuginfo-5.7.3-lp150.6.3.1
net-snmp-debugsource-5.7.3-lp150.6.3.1
net-snmp-devel-5.7.3-lp150.6.3.1
perl-SNMP-5.7.3-lp150.6.3.1
perl-SNMP-debuginfo-5.7.3-lp150.6.3.1
python2-net-snmp-5.7.3-lp150.6.3.1
python2-net-snmp-debuginfo-5.7.3-lp150.6.3.1
python3-net-snmp-5.7.3-lp150.6.3.1
python3-net-snmp-debuginfo-5.7.3-lp150.6.3.1
snmp-mibs-5.7.3-lp150.6.3.1

- openSUSE Leap 15.0 (x86_64):

libsnmp30-32bit-5.7.3-lp150.6.3.1
libsnmp30-32bit-debuginfo-5.7.3-lp150.6.3.1
net-snmp-devel-32bit-5.7.3-lp150.6.3.1


References:

https://www.suse.com/security/cve/CVE-2018-18065.html
https://bugzilla.suse.com/1027353
https://bugzilla.suse.com/1081164
https://bugzilla.suse.com/1102775
https://bugzilla.suse.com/1111122

--


openSUSE-SU-2018:3384-1: moderate: Security update for apache-pdfbox

openSUSE Security Update: Security update for apache-pdfbox
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3384-1
Rating: moderate
References: #1099721 #1111009
Cross-References: CVE-2018-11797 CVE-2018-8036
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for apache-pdfbox fixes the following security issues:

- CVE-2018-8036: A crafted file could have triggered an infinite loop,
leading to a denial of service (bsc#1099721).
- CVE-2018-11797: A carefully crafted PDF file can trigger an extremely
long running computation when parsing the page tree (bsc#1111009).

This update was imported from the SUSE:SLE-12-SP3:Update update project.


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1245=1



Package List:

- openSUSE Leap 42.3 (noarch):

apache-pdfbox-1.8.12-4.3.1
apache-pdfbox-javadoc-1.8.12-4.3.1


References:

https://www.suse.com/security/cve/CVE-2018-11797.html
https://www.suse.com/security/cve/CVE-2018-8036.html
https://bugzilla.suse.com/1099721
https://bugzilla.suse.com/1111009

--


openSUSE-SU-2018:3396-1: important: Security update for Chromium

openSUSE Security Update: Security update for Chromium
______________________________________________________________________________

Announcement ID: openSUSE-SU-2018:3396-1
Rating: important
References: #1112111
Cross-References: CVE-2018-17462 CVE-2018-17463 CVE-2018-17464
CVE-2018-17465 CVE-2018-17466 CVE-2018-17467
CVE-2018-17468 CVE-2018-17469 CVE-2018-17470
CVE-2018-17471 CVE-2018-17472 CVE-2018-17473
CVE-2018-17474 CVE-2018-17475 CVE-2018-17476
CVE-2018-17477 CVE-2018-5179
Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes 17 vulnerabilities is now available.

Description:

This update for Chromium to version 70.0.3538.67 fixes multiple issues.

Security issues fixed (bsc#1112111):

- CVE-2018-17462: Sandbox escape in AppCache
- CVE-2018-17463: Remote code execution in V8
- Heap buffer overflow in Little CMS in PDFium
- CVE-2018-17464: URL spoof in Omnibox
- CVE-2018-17465: Use after free in V8
- CVE-2018-17466: Memory corruption in Angle
- CVE-2018-17467: URL spoof in Omnibox
- CVE-2018-17468: Cross-origin URL disclosure in Blink
- CVE-2018-17469: Heap buffer overflow in PDFium
- CVE-2018-17470: Memory corruption in GPU Internals
- CVE-2018-17471: Security UI occlusion in full screen mode
- CVE-2018-17473: URL spoof in Omnibox
- CVE-2018-17474: Use after free in Blink
- CVE-2018-17475: URL spoof in Omnibox
- CVE-2018-17476: Security UI occlusion in full screen mode
- CVE-2018-5179: Lack of limits on update() in ServiceWorker
- CVE-2018-17477: UI spoof in Extensions

VAAPI hardware accelerated rendering is now enabled by default.

This update contains the following packaging changes:

- Use the system libusb-1.0 library
- Use bundled harfbuzz library
- Disable gnome-keyring to avoid crashes


Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-1253=1



Package List:

- openSUSE Leap 42.3 (x86_64):

chromedriver-70.0.3538.67-179.1
chromedriver-debuginfo-70.0.3538.67-179.1
chromium-70.0.3538.67-179.1
chromium-debuginfo-70.0.3538.67-179.1
chromium-debugsource-70.0.3538.67-179.1


References:

https://www.suse.com/security/cve/CVE-2018-17462.html
https://www.suse.com/security/cve/CVE-2018-17463.html
https://www.suse.com/security/cve/CVE-2018-17464.html
https://www.suse.com/security/cve/CVE-2018-17465.html
https://www.suse.com/security/cve/CVE-2018-17466.html
https://www.suse.com/security/cve/CVE-2018-17467.html
https://www.suse.com/security/cve/CVE-2018-17468.html
https://www.suse.com/security/cve/CVE-2018-17469.html
https://www.suse.com/security/cve/CVE-2018-17470.html
https://www.suse.com/security/cve/CVE-2018-17471.html
https://www.suse.com/security/cve/CVE-2018-17472.html
https://www.suse.com/security/cve/CVE-2018-17473.html
https://www.suse.com/security/cve/CVE-2018-17474.html
https://www.suse.com/security/cve/CVE-2018-17475.html
https://www.suse.com/security/cve/CVE-2018-17476.html
https://www.suse.com/security/cve/CVE-2018-17477.html
https://www.suse.com/security/cve/CVE-2018-5179.html
https://bugzilla.suse.com/1112111

--