Overview

File _patchinfo of Package patchinfo.4014

<patchinfo incident="4014">
  <issue id="1019611" tracker="bnc">VUL-1: CVE-2017-5225: tiff: heap buffer overflow in tools/tiffcp via a crafted BitsPerSample value</issue>
  <issue id="1022103" tracker="bnc">L3-Question: tiff/libtiff 4.0.7-35.1 Breaks TIFFTAG_FAXRECVPARAMS</issue>
  <issue id="2017-5225" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>fstrba</packager>
  <description>
This update for tiff fixes the following issues:

- A crafted TIFF image could cause a crash and potential code execution when
processed by the 'tiffcp' utility (CVE-2017-5225, bsc#1019611).

Also a regression from the version update to 4.0.7 was fixed in
handling TIFFTAG_FAXRECVPARAMS. (bsc#1022103)

</description>
  <summary>Security update for tiff</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places