Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:14002-1

Опубликовано: 01 апр. 2019
Источник: suse-cvrf

Описание

Security update for tiff

This update for tiff fixes the following issue:

Security vulnerabilities fixed:

  • CVE-2016-5102: Fixed a buffer overflow in readgifimage() (bsc#983268)
  • CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626)

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
libtiff3-3.8.2-141.169.31.1
tiff-3.8.2-141.169.31.1
SUSE Linux Enterprise Server 11 SP4
libtiff3-3.8.2-141.169.31.1
libtiff3-32bit-3.8.2-141.169.31.1
libtiff3-x86-3.8.2-141.169.31.1
tiff-3.8.2-141.169.31.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libtiff3-3.8.2-141.169.31.1
libtiff3-32bit-3.8.2-141.169.31.1
libtiff3-x86-3.8.2-141.169.31.1
tiff-3.8.2-141.169.31.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libtiff-devel-3.8.2-141.169.31.1
libtiff-devel-32bit-3.8.2-141.169.31.1

Ссылки

Описание

Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libtiff3-3.8.2-141.169.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:tiff-3.8.2-141.169.31.1
SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.31.1
SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.31.1
Ссылки

Описание

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libtiff3-3.8.2-141.169.31.1
SUSE Linux Enterprise Point of Sale 11 SP3:tiff-3.8.2-141.169.31.1
SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.31.1
SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.31.1
Ссылки