The following security vulnerabilities were addressed:
CVE-2015-8668: Fixed a heap-based buffer overflow in the PackBitsPreEncode
function in tif_packbits.c in bmp2tiff, which allowed remote attackers to
execute arbitrary code or cause a denial of service via a large width field
in a specially crafted BMP image. (bsc#960589)
CVE-2018-10779: Fixed a heap-based buffer over-read in TIFFWriteScanline() in
tif_write.c (bsc#1092480)
CVE-2017-17942: Fixed a heap-based buffer overflow in the function
PackBitsEncode in tif_packbits.c. (bsc#1074186)
CVE-2016-5319: Fixed a beap-based buffer overflow in bmp2tiff (bsc#983440)