CESA-2020:3902 -- centos 7 libtiffID: oval:org.secpod.oval:def:205632 | Date: (C)2020-10-28 (M)2023-12-20 |
Class: PATCH | Family: unix |
The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c * libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.