Описание
Security update for tiff
This update for tiff fixes the following issues:
- CVE-2017-5225: A crafted TIFF image could cause a crash and potential code execution when processed by the 'tiffcp' utility (bsc#1019611).
Also a regression from the version update to 4.0.7 was fixed in handling TIFFTAG_FAXRECVPARAMS. (bsc#1022103)
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.1
libtiff-devel-4.0.7-15.1
libtiff-devel-32bit-4.0.7-15.1
libtiff5-4.0.7-15.1
libtiff5-32bit-4.0.7-15.1
tiff-4.0.7-15.1
openSUSE Leap 42.2
libtiff-devel-4.0.7-15.1
libtiff-devel-32bit-4.0.7-15.1
libtiff5-4.0.7-15.1
libtiff5-32bit-4.0.7-15.1
tiff-4.0.7-15.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0512-1
- SUSE Security Ratings
Описание
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
Затронутые продукты
openSUSE Leap 42.1:libtiff-devel-32bit-4.0.7-15.1
openSUSE Leap 42.1:libtiff-devel-4.0.7-15.1
openSUSE Leap 42.1:libtiff5-32bit-4.0.7-15.1
openSUSE Leap 42.1:libtiff5-4.0.7-15.1
Ссылки
- CVE-2017-5225
- SUSE Bug 1019611