File _patchinfo of Package patchinfo.7550

<patchinfo incident="7550">
  <issue id="1082825" tracker="bnc">VUL-0: CVE-2018-7456: tiff: A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013.</issue>
  <issue id="2018-7456" tracker="cve" />
  <issue id="1092949" tracker="bnc">VUL-1: CVE-2018-10963: tiff: The TIFFWriteDirectorySec() function in tif_dirwrite.c allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file</issue>
  <issue id="1074317" tracker="bnc">VUL-0: CVE-2017-18013: tiff: A Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function could lead to denial of service</issue>
  <issue id="1082332" tracker="bnc">VUL-1: CVE-2017-11613: tiff: denial of service in TIFFOpen function</issue>
  <issue id="1086408" tracker="bnc">VUL-0: CVE-2018-8905: tiff: A heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.</issue>
  <issue id="2018-8905" tracker="cve" />
  <issue id="2017-11613" tracker="cve" />
  <issue id="2018-10963" tracker="cve" />
  <issue id="2017-18013" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>mvetter</packager>
  <description>This update for tiff fixes the following security issues:

- CVE-2017-18013: Fixed a NULL pointer dereference in the
  tif_print.c TIFFPrintDirectory function that could have led to denial of
  service (bsc#1074317).
- CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirectorySec()
  function in tif_dirwrite.c, which allowed remote attackers to cause a denial
  of service via a crafted file (bsc#1092949).
- CVE-2018-7456: Prevent a NULL Pointer dereference in the function
  TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF
  information, a different vulnerability than CVE-2017-18013 (bsc#1082825).
- CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During
  the TIFFOpen process, td_imagelength is not checked. The value of
  td_imagelength can be directly controlled by an input file. In the
  ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called
  based on td_imagelength. If the value of td_imagelength is set close to the
  amount of system memory, it will hang the system or trigger the OOM killer
  (bsc#1082332).
- CVE-2018-8905: Prevent heap-based buffer overflow in the function
  LZWDecodeCompat via a crafted TIFF file (bsc#1086408).
</description>
<summary>Security update for tiff</summary>
</patchinfo>