{"affected":[{"ecosystem_specific":{"binaries":[{"libwmf-0_2-7":"0.2.8.4-242.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"libwmf","purl":"pkg:rpm/suse/libwmf&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.2.8.4-242.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwmf-0_2-7":"0.2.8.4-242.3","libwmf-devel":"0.2.8.4-242.3","libwmf-gnome":"0.2.8.4-242.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"libwmf","purl":"pkg:rpm/suse/libwmf&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.2.8.4-242.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwmf-0_2-7":"0.2.8.4-242.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12","name":"libwmf","purl":"pkg:rpm/suse/libwmf&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.2.8.4-242.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"libwmf was updated to fix five security issues.\n\nThese security issues were fixed:\n- CVE-2009-1364: Fixed realloc return value usage (bsc#495842, bnc#831299)\n- CVE-2015-0848: Heap overflow on libwmf0.2-7 (bsc#933109)\n- CVE-2015-4588: DecodeImage() did not check that the run-length 'count' fits into the total size of the image, which could lead to a heap-based buffer overflow (bsc#933109)\n- CVE-2015-4695: meta_pen_create heap buffer over read (bsc#936058)\n- CVE-2015-4696: Use after free (bsc#936062)\n","id":"SUSE-SU-2015:1484-1","modified":"2015-07-31T15:10:23Z","published":"2015-07-31T15:10:23Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151484-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/495842"},{"type":"REPORT","url":"https://bugzilla.suse.com/831299"},{"type":"REPORT","url":"https://bugzilla.suse.com/933109"},{"type":"REPORT","url":"https://bugzilla.suse.com/936058"},{"type":"REPORT","url":"https://bugzilla.suse.com/936062"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2009-1364"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0848"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4588"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4695"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4696"}],"related":["CVE-2009-1364","CVE-2015-0848","CVE-2015-4588","CVE-2015-4695","CVE-2015-4696"],"summary":"Security update for libwmf","upstream":["CVE-2009-1364","CVE-2015-0848","CVE-2015-4588","CVE-2015-4695","CVE-2015-4696"]}