{"affected":[{"ecosystem_specific":{"binaries":[{"sane-backends":"1.0.31-lp152.7.3.1","sane-backends-32bit":"1.0.31-lp152.7.3.1","sane-backends-autoconfig":"1.0.31-lp152.7.3.1","sane-backends-devel":"1.0.31-lp152.7.3.1","sane-backends-devel-32bit":"1.0.31-lp152.7.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"sane-backends","purl":"pkg:rpm/opensuse/sane-backends&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.31-lp152.7.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for sane-backends fixes the following issues:\n\nsane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices (jsc#ECO-2418 jsc#SLE-15561 jsc#SLE-15560)\nand also fix various security issues:\n\n- CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write (bsc#1172524)\n- CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,: Fixed an out of bounds read (bsc#1172524)\n- CVE-2020-12866,CVE-2020-12867: Fixed a null pointer dereference (bsc#1172524)\n\nThe upstream changelogs can be found here:\n\n- https://gitlab.com/sane-project/backends/-/releases/1.0.28\n- https://gitlab.com/sane-project/backends/-/releases/1.0.29\n- https://gitlab.com/sane-project/backends/-/releases/1.0.30\n- https://gitlab.com/sane-project/backends/-/releases/1.0.31\n\nThis update was imported from the SUSE:SLE-15:Update update project.","id":"openSUSE-SU-2020:1798-1","modified":"2020-11-01T05:23:45Z","published":"2020-11-01T05:23:45Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P7WMIMV37TSUISYMGUPUUTKOLGSMIONS/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1172524"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12861"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12862"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12863"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12864"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12865"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12866"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-12867"}],"related":["CVE-2020-12861","CVE-2020-12862","CVE-2020-12863","CVE-2020-12864","CVE-2020-12865","CVE-2020-12866","CVE-2020-12867"],"summary":"Security update for sane-backends","upstream":["CVE-2020-12861","CVE-2020-12862","CVE-2020-12863","CVE-2020-12864","CVE-2020-12865","CVE-2020-12866","CVE-2020-12867"]}