Overview

File _patchinfo of Package patchinfo.16778

<patchinfo incident="16778">
  <issue tracker="cve" id="2020-12866"/>
  <issue tracker="cve" id="2020-12863"/>
  <issue tracker="cve" id="2020-12862"/>
  <issue tracker="cve" id="2020-12867"/>
  <issue tracker="cve" id="2020-12861"/>
  <issue tracker="cve" id="2020-12864"/>
  <issue tracker="cve" id="2020-12865"/>
  <issue tracker="bnc" id="1172524">VUL-0: CVE-2020-12861, CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,CVE-2020-12865,CVE-2020-12866,CVE-2020-12867: sane-backends: memory corruption bugs</issue>
  <issue tracker="jsc" id="ECO-2418"/>
  <issue tracker="jsc" id="PM-2118"/>
  <issue tracker="jsc" id="SLE-15561"/>
  <issue tracker="jsc" id="SLE-15560"/>
  <packager>jsmeix</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for sane-backends</summary>
  <description>This update for sane-backends fixes the following issues:

sane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices (jsc#ECO-2418 jsc#SLE-15561 jsc#SLE-15560)
and also fix various security issues:

- CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write (bsc#1172524)
- CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,: Fixed an out of bounds read (bsc#1172524)
- CVE-2020-12866,CVE-2020-12867: Fixed a null pointer dereference (bsc#1172524)

The upstream changelogs can be found here:

- https://gitlab.com/sane-project/backends/-/releases/1.0.28
- https://gitlab.com/sane-project/backends/-/releases/1.0.29
- https://gitlab.com/sane-project/backends/-/releases/1.0.30
- https://gitlab.com/sane-project/backends/-/releases/1.0.31
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places