File _patchinfo of Package patchinfo.6312

<patchinfo incident="6312">
  <issue id="960341" tracker="bnc">VUL-0: CVE-2015-7554: tiff: libtiff: invalid write in tiffsplit / _TIFFVGetField</issue>
  <issue id="1069213" tracker="bnc">VUL-1: CVE-2017-16232: tiff: memory-based DoS in tiff2bw</issue>
  <issue id="983436" tracker="bnc">VUL-0: CVE-2016-5318: tiff: stackoverflow in thumbnail</issue>
  <issue id="969783" tracker="bnc">Security Fix request for SLES 11 SP1 LTSS: libtiff3 - CVE-2014-8127 - CVE-2014-9655</issue>
  <issue id="1017690" tracker="bnc">VUL-0: CVE-2016-10095: libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)</issue>
  <issue id="2014-8128" tracker="cve" />
  <issue id="2016-10095" tracker="cve" />
  <issue id="2017-16232" tracker="cve" />
  <issue id="2016-5318" tracker="cve" />
  <issue id="2015-7554" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>fstrba</packager>
  <description>This update for tiff to version 4.0.9 fixes the following issues:

Security issues fixed:

- CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools (bsc#969783).
- CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField (bsc#960341).
- CVE-2016-10095: Fix stack-based buffer overflow in _TIFFVGetField (tif_dir.c) (bsc#1017690).
- CVE-2016-5318: Fix stackoverflow in thumbnail (bsc#983436).
- CVE-2017-16232: Fix memory-based DoS in tiff2bw (bsc#1069213).
</description>
  <summary>Security update for tiff</summary>
</patchinfo>
openSUSE Build Service is sponsored by