Hello community, here is the log from the commit of package patchinfo.14787 for openSUSE:Leap:15.2:Update checked in at 2020-11-01 06:23:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.14787 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.14787.new.3463 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.14787" Sun Nov 1 06:23:44 2020 rev:1 rq:844688 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="14787"> <issue tracker="cve" id="2020-12866"/> <issue tracker="cve" id="2020-12863"/> <issue tracker="cve" id="2020-12862"/> <issue tracker="cve" id="2020-12867"/> <issue tracker="cve" id="2020-12861"/> <issue tracker="cve" id="2020-12864"/> <issue tracker="cve" id="2020-12865"/> <issue tracker="bnc" id="1172524">VUL-0: CVE-2020-12861, CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,CVE-2020-12865,CVE-2020-12866,CVE-2020-12867: sane-backends: memory corruption bugs</issue> <packager>jsmeix</packager> <rating>important</rating> <category>security</category> <summary>Security update for sane-backends</summary> <description>This update for sane-backends fixes the following issues: sane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices (jsc#ECO-2418 jsc#SLE-15561 jsc#SLE-15560) and also fix various security issues: - CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write (bsc#1172524) - CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,: Fixed an out of bounds read (bsc#1172524) - CVE-2020-12866,CVE-2020-12867: Fixed a null pointer dereference (bsc#1172524) The upstream changelogs can be found here: - https://gitlab.com/sane-project/backends/-/releases/1.0.28 - https://gitlab.com/sane-project/backends/-/releases/1.0.29 - https://gitlab.com/sane-project/backends/-/releases/1.0.30 - https://gitlab.com/sane-project/backends/-/releases/1.0.31 This update was imported from the SUSE:SLE-15:Update update project.</description> </patchinfo>