Fedora 21: 2015-8673 Critical: libtiff Memory Safety Issues
fedora
May 30, 2015
Security fix for CVE-2014-9655, CVE-2015-1547
Summary
The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) image format files. TIFF is a widely
used file format for bitmapped images. TIFF files usually end in the
.tif extension and they are often quite large.
The libtiff package should be installed if you need to manipulate TIFF
format image files.
Update Information:
Security fix for CVE-2014-9655, CVE-2015-1547
Topics Covered
Change Log
* Tue May 19 2015 Petr Hracek
References
[ 1 ] Bug #1190703 - CVE-2014-9655 libtiff: use of uninitialized memory in putcontig8bitYCbCr21tile and NeXTDecode
https://bugzilla.redhat.com/show_bug.cgi?id=1190703
[ 2 ] Bug #1190709 - CVE-2015-1547 libtiff: use of uninitialized memory in NeXTDecode
https://bugzilla.redhat.com/show_bug.cgi?id=1190709
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update libtiff' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: libtiff
Product: Fedora 21
Version: 4.0.3
Release: 20.fc21
URL: Summary : Library of functions for manipulating TIFF format image files
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!