Security update for tiff
This update for tiff fixes the following issues:
* CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images (bsc#964225)
* CVE-2016-3186: Buffer overflow in gif2tiff (bnc#973340).
* CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat (bsc#987351)
* CVE-2016-5316: Out-of-bounds read in PixarLogCleanup() function in tif_pixarlog.c (bsc#984837)
* CVE-2016-5314: Out-of-bounds write in PixarLogDecode() function (bsc#984831)
* CVE-2016-5317: Out-of-bounds write in PixarLogDecode() function in libtiff.so (bsc#984842)
* CVE-2016-5320: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c (bsc#984808)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Fridrich Strba (fstrba)
Fixed bugs
bnc#973340
Buffer overflow in gif2tiff
bnc#987351
Heap-based buffer overflow when using the PixarLog compressionformat
bnc#984842
Out-of-bounds write in PixarLogDecode() function in libtiff.so
bnc#984808
Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
bnc#964225
Out-of-bounds writes for invalid images
bnc#984837
Out-of-bounds read in PixarLogCleanup() function in tif_pixarlog.c
bnc#984831
Out-of-bounds write in PixarLogDecode() function
