Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:dirkmueller:acdc:as_python3_module
patchinfo.7550
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7550
<patchinfo incident="7550"> <issue id="1082825" tracker="bnc">VUL-0: CVE-2018-7456: tiff: A NULL Pointer Dereference occurs in the function TIFFPrintDirectory intif_print.c when using the tiffinfo tool to print crafted TIFFinformation, a different vulnerability than CVE-2017-18013.</issue> <issue id="2018-7456" tracker="cve" /> <issue id="1092949" tracker="bnc">VUL-1: CVE-2018-10963: tiff: The TIFFWriteDirectorySec() function in tif_dirwrite.c allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file</issue> <issue id="1074317" tracker="bnc">VUL-0: CVE-2017-18013: tiff: A Null-Pointer Dereference in the tif_print.cTIFFPrintDirectory function, could lead to denial of service</issue> <issue id="1082332" tracker="bnc">VUL-1: CVE-2017-11613: tiff: denial of service in TIFFOpen function</issue> <issue id="1086408" tracker="bnc">VUL-0: CVE-2018-8905: tiff: A heap-based buffer overflow occurs in the functionLZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated bytiff2ps.</issue> <issue id="2018-8905" tracker="cve" /> <issue id="2017-11613" tracker="cve" /> <issue id="2018-10963" tracker="cve" /> <issue id="2017-18013" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>mvetter</packager> <description>This update for tiff fixes the following security issues: These security issues were fixed: - CVE-2017-18013: Fixed a NULL pointer dereference in the tif_print.cTIFFPrintDirectory function that could have lead to denial of service (bsc#1074317). - CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirectorySec() function in tif_dirwrite.c, which allowed remote attackers to cause a denial of service via a crafted file (bsc#1092949). - CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825). - CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer (bsc#1082332). - CVE-2018-8905: Prevent heap-based buffer overflow in the function LZWDecodeCompat via a crafted TIFF file (bsc#1086408). </description> <summary>Security update for tiff</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
