Описание
ELSA-2017-0225: libtiff security update (MODERATE)
[3.9.4-21]
- Fix patch for CVE-2016-5652
- Related: #1412078
[3.9.4-20]
- Fix CWE-476 defect found by covscan
- Related: #1412078
[3.9.4-19]
- Add patches for CVEs:
- CVE-2016-9533 CVE-2016-9534 CVE-2016-9535
- CVE-2016-9536 CVE-2016-9537 CVE-2016-9540
- CVE-2016-5652
- Resolves: #1412078
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
libtiff
3.9.4-21.el6_8
libtiff-devel
3.9.4-21.el6_8
libtiff-static
3.9.4-21.el6_8
Oracle Linux i686
libtiff
3.9.4-21.el6_8
libtiff-devel
3.9.4-21.el6_8
libtiff-static
3.9.4-21.el6_8
Oracle Linux sparc64
libtiff
3.9.4-21.el6_8
libtiff-devel
3.9.4-21.el6_8
libtiff-static
3.9.4-21.el6_8
Oracle Linux 7
Oracle Linux aarch64
libtiff
4.0.3-27.el7_3
libtiff-devel
4.0.3-27.el7_3
libtiff-static
4.0.3-27.el7_3
libtiff-tools
4.0.3-27.el7_3
Oracle Linux x86_64
libtiff
4.0.3-27.el7_3
libtiff-devel
4.0.3-27.el7_3
libtiff-static
4.0.3-27.el7_3
libtiff-tools
4.0.3-27.el7_3
Ссылки на источники
Связанные уязвимости
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
An exploitable heap-based buffer overflow exists in the handling of TI ...
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.