Overview

File _patchinfo of Package patchinfo.16850

<patchinfo incident="16850">
  <issue tracker="cve" id="2020-12866"/>
  <issue tracker="cve" id="2020-12862"/>
  <issue tracker="cve" id="2017-6318"/>
  <issue tracker="cve" id="2020-12861"/>
  <issue tracker="cve" id="2020-12863"/>
  <issue tracker="cve" id="2020-12864"/>
  <issue tracker="cve" id="2020-12865"/>
  <issue tracker="cve" id="2020-12867"/>
  <issue tracker="bnc" id="1172524">VUL-0: CVE-2020-12861, CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,CVE-2020-12865,CVE-2020-12866,CVE-2020-12867: sane-backends: memory corruption bugs</issue>
  <issue tracker="jsc" id="SLE-15560"/>
  <issue tracker="jsc" id="ECO-2418"/>
  <issue tracker="jsc" id="SLE-15561"/>
  <packager>jsmeix</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for sane-backends</summary>
  <description>This update for sane-backends fixes the following issues:

- sane-backends version upgrade to 1.0.31:
  * sane-backends version upgrade to 1.0.30
    fixes memory corruption bugs CVE-2020-12861, CVE-2020-12862,
    CVE-2020-12863, CVE-2020-12864, CVE-2020-12865,
    CVE-2020-12866, CVE-2020-12867 (bsc#1172524)
  * sane-backends version upgrade to 1.0.31
    to further improve hardware enablement for scanner devices
    (jsc#SLE-15561 and jsc#SLE-15560 with jsc#ECO-2418)
  * The new escl backend cannot be provided for SLE12 because
    it requires more additional software (avahi-client, libcurl,
    and libpoppler-glib-devel) where in particular for libcurl
    the one that is in SLE12 (via libcurl-devel-7.37.0) is likely
    too old because with that building the escl backend fails with
    "escl/escl.c:1267:34: error: 'CURLOPT_UNIX_SOCKET_PATH'
    undeclared curl_easy_setopt(handle, CURLOPT_UNIX_SOCKET_PATH"
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places