File _patchinfo of Package patchinfo.6312
<patchinfo incident="6312">
<issue id="960341" tracker="bnc">VUL-0: CVE-2015-7554: tiff: libtiff: invalid write in tiffsplit / _TIFFVGetField</issue>
<issue id="1069213" tracker="bnc">VUL-1: CVE-2017-16232: tiff: memory-based DoS in tiff2bw</issue>
<issue id="983436" tracker="bnc">VUL-0: CVE-2016-5318: tiff: stackoverflow in thumbnail</issue>
<issue id="969783" tracker="bnc">Security Fix request for SLES 11 SP1 LTSS: libtiff3 - CVE-2014-8127 - CVE-2014-9655</issue>
<issue id="1017690" tracker="bnc">VUL-0: CVE-2016-10095: libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)</issue>
<issue id="2014-8128" tracker="cve" />
<issue id="2016-10095" tracker="cve" />
<issue id="2017-16232" tracker="cve" />
<issue id="2016-5318" tracker="cve" />
<issue id="2015-7554" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>fstrba</packager>
<description>This update for tiff to version 4.0.9 fixes the following issues:
Security issues fixed:
- CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools (bsc#969783).
- CVE-2015-7554: Fix invalid write in tiffsplit / _TIFFVGetField (bsc#960341).
- CVE-2016-10095: Fix stack-based buffer overflow in _TIFFVGetField (tif_dir.c) (bsc#1017690).
- CVE-2016-5318: Fix stackoverflow in thumbnail (bsc#983436).
- CVE-2017-16232: Fix memory-based DoS in tiff2bw (bsc#1069213).
</description>
<summary>Security update for tiff</summary>
</patchinfo>