Описание
Security update for tiff
This update for tiff fixes the following issues:
Fixed multiple out of bounds read/write security issues:
CVE-2023-0795 (bsc#1208226), CVE-2023-0796 (bsc#1208227), CVE-2023-0797 (bsc#1208228), CVE-2023-0798 (bsc#1208229), CVE-2023-0799 (bsc#1208230), CVE-2023-0800 (bsc#1208231), CVE-2023-0801 (bsc#1208232), CVE-2023-0802 (bsc#1208233), CVE-2023-0803 (bsc#1208234), CVE-2023-0804 (bsc#1208236).
Список пакетов
Image SLES12-SP5-Azure-SAP-BYOS
Image SLES12-SP5-Azure-SAP-On-Demand
Image SLES12-SP5-EC2-SAP-BYOS
Image SLES12-SP5-EC2-SAP-On-Demand
Image SLES12-SP5-GCE-SAP-BYOS
Image SLES12-SP5-GCE-SAP-On-Demand
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12 SP5
Ссылки
- Link for SUSE-SU-2023:2321-1
- E-Mail link for SUSE-SU-2023:2321-1
- SUSE Security Ratings
- SUSE Bug 1208226
- SUSE Bug 1208227
- SUSE Bug 1208228
- SUSE Bug 1208229
- SUSE Bug 1208230
- SUSE Bug 1208231
- SUSE Bug 1208232
- SUSE Bug 1208233
- SUSE Bug 1208234
- SUSE Bug 1208236
- SUSE CVE CVE-2023-0795 page
- SUSE CVE CVE-2023-0796 page
- SUSE CVE CVE-2023-0797 page
- SUSE CVE CVE-2023-0798 page
- SUSE CVE CVE-2023-0799 page
- SUSE CVE CVE-2023-0800 page
- SUSE CVE CVE-2023-0801 page
Описание
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Затронутые продукты
Ссылки
- CVE-2023-0795
- SUSE Bug 1208226
Описание
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Затронутые продукты
Ссылки
- CVE-2023-0796
- SUSE Bug 1208227
Описание
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Затронутые продукты
Ссылки
- CVE-2023-0797
- SUSE Bug 1208228
Описание
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Затронутые продукты
Ссылки
- CVE-2023-0798
- SUSE Bug 1208229
Описание
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Затронутые продукты
Ссылки
- CVE-2023-0799
- SUSE Bug 1208230
Описание
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Затронутые продукты
Ссылки
- CVE-2023-0800
- SUSE Bug 1208231
Описание
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Затронутые продукты
Ссылки
- CVE-2023-0801
- SUSE Bug 1208232
Описание
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Затронутые продукты
Ссылки
- CVE-2023-0802
- SUSE Bug 1208233
Описание
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Затронутые продукты
Ссылки
- CVE-2023-0803
- SUSE Bug 1208234
Описание
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Затронутые продукты
Ссылки
- CVE-2023-0804
- SUSE Bug 1208236