Download
| Alert*
|
oval:org.secpod.oval:def:89002537
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c . - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf . - CVE-2017-9147: Fixed invalid read in the _ ... oval:org.secpod.oval:def:1800122 CVE-2016-9273: heap-buffer-overflow in cpStrips. Reference: CVE-2016-9297: segfault in _TIFFPrintField. Reference: CVE-2016-9448: Invalid read of size 1 in TIFFFetchNormalTag. Fix for CVE-2016-9297 introduced this issue. oval:org.secpod.oval:def:2101457 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file. |
