CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672).
CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257).
CVE-2017-9147: Fixed invalid read in the TIFFVGetField function in tifdir.c, that allowed remote attackers to cause a DoS via acrafted TIFF file (bsc#1040322).
CVE-2017-9117: Fixed BMP images processing that was verified without biWidth and biHeight values (bsc#1040080).
CVE-2017-17942: Fixed issue in the function PackBitsEncode that could have led to a heap overflow and caused a DoS (bsc#1074186).