caca-utils-0.99.beta19.git20171003-8.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10927 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z caca-utils-0.99.beta19.git20171003-8.3 on GA media These are all security issues fixed in the caca-utils-0.99.beta19.git20171003-8.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10927 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10927 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2018-20544/ SUSE CVE CVE-2018-20544 page https://www.suse.com/security/cve/CVE-2018-20545/ SUSE CVE CVE-2018-20545 page https://www.suse.com/security/cve/CVE-2018-20546/ SUSE CVE CVE-2018-20546 page https://www.suse.com/security/cve/CVE-2018-20549/ SUSE CVE CVE-2018-20549 page https://www.suse.com/security/cve/CVE-2021-30498/ SUSE CVE CVE-2021-30498 page https://www.suse.com/security/cve/CVE-2021-3410/ SUSE CVE CVE-2021-3410 page openSUSE Tumbleweed caca-utils-0.99.beta19.git20171003-8.3 libcaca-devel-0.99.beta19.git20171003-8.3 libcaca-ruby-0.99.beta19.git20171003-8.3 libcaca0-0.99.beta19.git20171003-8.3 libcaca0-32bit-0.99.beta19.git20171003-8.3 libcaca0-plugins-0.99.beta19.git20171003-8.3 libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 python3-caca-0.99.beta19.git20171003-8.3 caca-utils-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed libcaca-devel-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed libcaca-ruby-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed libcaca0-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed libcaca0-32bit-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed libcaca0-plugins-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed python3-caca-0.99.beta19.git20171003-8.3 as a component of openSUSE Tumbleweed There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19. CVE-2018-20544 openSUSE Tumbleweed:caca-utils-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-devel-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-ruby-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:python3-caca-0.99.beta19.git20171003-8.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-20544.html CVE-2018-20544 https://bugzilla.suse.com/1120502 SUSE Bug 1120502 There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. CVE-2018-20545 openSUSE Tumbleweed:caca-utils-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-devel-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-ruby-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:python3-caca-0.99.beta19.git20171003-8.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-20545.html CVE-2018-20545 https://bugzilla.suse.com/1120470 SUSE Bug 1120470 https://bugzilla.suse.com/1120584 SUSE Bug 1120584 https://bugzilla.suse.com/1120589 SUSE Bug 1120589 There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. CVE-2018-20546 openSUSE Tumbleweed:caca-utils-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-devel-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-ruby-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:python3-caca-0.99.beta19.git20171003-8.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-20546.html CVE-2018-20546 https://bugzilla.suse.com/1120503 SUSE Bug 1120503 https://bugzilla.suse.com/1120504 SUSE Bug 1120504 There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. CVE-2018-20549 openSUSE Tumbleweed:caca-utils-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-devel-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-ruby-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:python3-caca-0.99.beta19.git20171003-8.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-20549.html CVE-2018-20549 https://bugzilla.suse.com/1120470 SUSE Bug 1120470 https://bugzilla.suse.com/1120584 SUSE Bug 1120584 https://bugzilla.suse.com/1120589 SUSE Bug 1120589 A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences. CVE-2021-30498 openSUSE Tumbleweed:caca-utils-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-devel-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-ruby-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:python3-caca-0.99.beta19.git20171003-8.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30498.html CVE-2021-30498 https://bugzilla.suse.com/1184752 SUSE Bug 1184752 https://bugzilla.suse.com/1200020 SUSE Bug 1200020 A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context. CVE-2021-3410 openSUSE Tumbleweed:caca-utils-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-devel-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca-ruby-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:libcaca0-plugins-32bit-0.99.beta19.git20171003-8.3 openSUSE Tumbleweed:python3-caca-0.99.beta19.git20171003-8.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-3410.html CVE-2021-3410 https://bugzilla.suse.com/1182731 SUSE Bug 1182731