File _patchinfo of Package patchinfo

<patchinfo incident="9924">
  <issue tracker="bnc" id="1115717"> VUL-1: CVE-2018-19210: tiff: NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c</issue>
  <issue tracker="bnc" id="1108606">VUL-1: CVE-2018-17000: tiff: NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction)</issue>
  <issue tracker="bnc" id="1121626">VUL-1: CVE-2019-6128: tiff: The TIFFFdOpen function in tif_unix.c in LibTIFF  has a memory leak</issue>
  <issue id="1125113" tracker="bnc">VUL-1: CVE-2019-7663: tiff: An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c</issue>
   <issue tracker="cve" id="2018-19210"/>
  <issue tracker="cve" id="2019-6128"/>
  <issue tracker="cve" id="2018-17000"/>
  <issue tracker="cve" id="2019-7663"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for tiff fixes the following issues:

Security issues fixed:

- CVE-2018-19210: Fixed a NULL pointer dereference in TIFFWriteDirectorySec function (bsc#1115717).     
- CVE-2018-17000: Fixed a NULL pointer dereference in the _TIFFmemcmp function (bsc#1108606).
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626).
- CVE-2019-7663: Fixed an invalid address dereference in the
  TIFFWriteDirectoryTagTransfer function in libtiff/tif_dirwrite.c (bsc#1125113)

This update was imported from the SUSE:SLE-15:Update update project.</description>
  <summary>Security update for tiff</summary>
</patchinfo>
openSUSE Build Service is sponsored by