Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for tiff

This update for tiff fixes the following security issues:

- CVE-2016-3622: Specially crafted TIFF images could trigger a crash in tiff2rgba (bsc#974449)
- Various out-of-bound write vulnerabilities with unspecified impact (MSVR 35093, MSVR 35094, MSVR 35095, MSVR 35096, MSVR 35097, MSVR 35098)
- CVE-2016-3623: Specially crafted TIFF images could trigger a crash in rgb2ycbcr (bsc#974618)
- CVE-2016-3945: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via tiff2rgba (bsc#974614)
- CVE-2016-3990: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution (bsc#975069)
- CVE-2016-3991: Specially crafted TIFF images could trigger a crash or allow for arbitrary command execution via the tiffcrop tool (bsc#975070)

This update was imported from the SUSE:SLE-12:Update update project.

Fixed bugs
bnc#975069
VUL-1: CVE-2016-3990: tiff: out-of-bounds write in horizontalDifference8() in tiffcp tool
bnc#974618
VUL-1: CVE-2016-3623: libtiff: Divide By Zero in the rgb2ycbcr tool
bnc#975070
VUL-1: CVE-2016-3991: tiff: out-of-bounds write in loadImage() in tiffcrop tool
bnc#974614
VUL-1: CVE-2016-3945: tiff: Out-of-bounds Write in the tiff2rgba tool
bnc#974449
VUL-1: CVE-2016-3622: tiff: Divide By Zero in the tiff2rgba tool
CVE-2016-3945
CVE-2016-3990
CVE-2016-3991
CVE-2016-3622
CVE-2016-3623
Selected Binaries
openSUSE Build Service is sponsored by
Places