Security update for tiff
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2018-19210: Fixed a NULL pointer dereference in TIFFWriteDirectorySec function (bsc#1115717).
- CVE-2018-17000: Fixed a NULL pointer dereference in the _TIFFmemcmp function (bsc#1108606).
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626).
- CVE-2019-7663: Fixed an invalid address dereference in the
TIFFWriteDirectoryTagTransfer function in libtiff/tif_dirwrite.c (bsc#1125113)
This update was imported from the SUSE:SLE-15:Update update project.
- Submitted by Petr Gajdos (pgajdos)
Fixed bugs
bnc#1115717
VUL-1: CVE-2018-19210: tiff: NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c
bnc#1108606
VUL-1: CVE-2018-17000: tiff: NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction)
bnc#1121626
VUL-1: CVE-2019-6128: tiff: The TIFFFdOpen function in tif_unix.c in LibTIFF has a memory leak
bnc#1125113
VUL-1: CVE-2019-7663: tiff: An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c