Описание
Security update for tiff
This update to tiff 4.0.6 fixes the following issues:
- CVE-2015-7554: Out-of-bounds write in the thumbnail and tiffcmp tools allowed attacker to cause a denial of service or have unspecified further impact (bsc#960341)
- bsc#942690: potential out-of-bound write in NeXTDecode() (#2508)
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.1
libtiff-devel-4.0.6-3.1
libtiff-devel-32bit-4.0.6-3.1
libtiff5-4.0.6-3.1
libtiff5-32bit-4.0.6-3.1
tiff-4.0.6-3.1
Ссылки
- E-Mail link for openSUSE-SU-2016:0252-1
- SUSE Security Ratings
Описание
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
Затронутые продукты
openSUSE Leap 42.1:libtiff-devel-32bit-4.0.6-3.1
openSUSE Leap 42.1:libtiff-devel-4.0.6-3.1
openSUSE Leap 42.1:libtiff5-32bit-4.0.6-3.1
openSUSE Leap 42.1:libtiff5-4.0.6-3.1
Ссылки
- CVE-2015-7554
- SUSE Bug 1007276
- SUSE Bug 1017690
- SUSE Bug 1040322
- SUSE Bug 960341
- SUSE Bug 974621
- SUSE Bug 983436