File _patchinfo of Package patchinfo
<patchinfo incident="9924">
<issue tracker="bnc" id="1115717"> VUL-1: CVE-2018-19210: tiff: NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c</issue>
<issue tracker="bnc" id="1108606">VUL-1: CVE-2018-17000: tiff: NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction)</issue>
<issue tracker="bnc" id="1121626">VUL-1: CVE-2019-6128: tiff: The TIFFFdOpen function in tif_unix.c in LibTIFF has a memory leak</issue>
<issue id="1125113" tracker="bnc">VUL-1: CVE-2019-7663: tiff: An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c</issue>
<issue tracker="cve" id="2018-19210"/>
<issue tracker="cve" id="2019-6128"/>
<issue tracker="cve" id="2018-17000"/>
<issue tracker="cve" id="2019-7663"/>
<category>security</category>
<rating>moderate</rating>
<packager>pgajdos</packager>
<description>This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2018-19210: Fixed a NULL pointer dereference in TIFFWriteDirectorySec function (bsc#1115717).
- CVE-2018-17000: Fixed a NULL pointer dereference in the _TIFFmemcmp function (bsc#1108606).
- CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626).
- CVE-2019-7663: Fixed an invalid address dereference in the
TIFFWriteDirectoryTagTransfer function in libtiff/tif_dirwrite.c (bsc#1125113)
This update was imported from the SUSE:SLE-15:Update update project.</description>
<summary>Security update for tiff</summary>
</patchinfo>