SUSE-SU-2016:0160-1

Published: 18 Jan 2016
Source: suse-cvrf

Description

Security update for tiff

This update to tiff 4.0.6 fixes the following issues:

  • CVE-2015-7554: Out-of-bounds write in the thumbnail and tiffcmp tools allowed an attacker to cause a denial of service or have unspecified further impact (bsc#960341)
  • bsc#942690: potential out-of-bounds write in NeXTDecode() (#2508)

Package list

SUSE Linux Enterprise Desktop 12
libtiff5-4.0.6-19.1
libtiff5-32bit-4.0.6-19.1
SUSE Linux Enterprise Desktop 12 SP1
libtiff5-4.0.6-19.1
libtiff5-32bit-4.0.6-19.1
SUSE Linux Enterprise Server 12
libtiff5-4.0.6-19.1
libtiff5-32bit-4.0.6-19.1
tiff-4.0.6-19.1
SUSE Linux Enterprise Server 12 SP1
libtiff5-4.0.6-19.1
libtiff5-32bit-4.0.6-19.1
tiff-4.0.6-19.1
SUSE Linux Enterprise Server for SAP Applications 12
libtiff5-4.0.6-19.1
libtiff5-32bit-4.0.6-19.1
tiff-4.0.6-19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libtiff5-4.0.6-19.1
libtiff5-32bit-4.0.6-19.1
tiff-4.0.6-19.1
SUSE Linux Enterprise Software Development Kit 12
libtiff-devel-4.0.6-19.1
SUSE Linux Enterprise Software Development Kit 12 SP1
libtiff-devel-4.0.6-19.1

Description

The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.


Affected products
SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit-4.0.6-19.1
SUSE Linux Enterprise Desktop 12 SP1:libtiff5-4.0.6-19.1
SUSE Linux Enterprise Desktop 12:libtiff5-32bit-4.0.6-19.1
SUSE Linux Enterprise Desktop 12:libtiff5-4.0.6-19.1

References
Vulnerability SUSE-SU-2016:0160-1