SUSE-SU-2018:4008-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2018:4008-1

Related

Published

2018-12-07T09:21:29Z

Modified

2018-12-07T09:21:29Z

Summary

Security update for tiff

Details

This update for tiff fixes the following issues:

Security issues fixed:

CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function (bsc#1115717).
CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function (bsc#1054594).
CVE-2016-10094: Fixed heap-based buffer overflow in the _tiffWriteProc function (bsc#1017693).
CVE-2016-10093: Fixed heap-based buffer overflow in the _TIFFmemcpy function (bsc#1017693).
CVE-2016-10092: Fixed heap-based buffer overflow in the TIFFReverseBits function (bsc#1017693).
CVE-2016-6223: Fixed out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() (bsc#990460).

References

Affected packages

Name: tiff
Purl: purl:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.9-5.20.1

{
    "binaries": [
        {
            "libtiff5": "4.0.9-5.20.1",
            "libtiff-devel": "4.0.9-5.20.1"
        }
    ]
}

Name: tiff
Purl: purl:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.9-5.20.1

{
    "binaries": [
        {
            "libtiff5-32bit": "4.0.9-5.20.1"
        }
    ]
}

Name: tiff
Purl: purl:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.9-5.20.1

{
    "binaries": [
        {
            "tiff": "4.0.9-5.20.1"
        }
    ]
}