Explore top 10 tips to secure your open-source projects now. Read More
×
Tiff was updated to version 4.0.7. This update fixes the following issues:
* libtiff/tif_aux.c
+ Fix crash in TIFFVGetFieldDefaulted() when requesting Predictor tag
and that the zip/lzw codec is not configured.
()
* libtiff/tif_compress.c
+ Make TIFFNoDecode() return 0 to indicate an error and make upper
level read routines treat it accordingly.
()
* libtiff/tif_dir.c
+ Discard values of SMinSampleValue and SMaxSampleValue when they have
been read and the value of SamplesPerPixel is changed afterwards
(like when reading a OJPEG compressed image with a missing
SamplesPerPixel tag, and whose photometric is RGB or YCbCr, forcing
SamplesPerPixel being 3). Otherwise when rewriting the directory
(for example with tiffset, we will expect 3 values whereas the array
had been allocated with just
one), thus causing a out of bound read access....
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2016-1425=1
To bring your system up-to-date, use "zypper patch".
- openSUSE 13.2 (i586 x86_64):
libtiff-devel-4.0.7-10.35.1
libtiff5-4.0.7-10.35.1
libtiff5-debuginfo-4.0.7-10.35.1
tiff-4.0.7-10.35.1
tiff-debuginfo-4.0.7-10.35.1
tiff-debugsource-4.0.7-10.35.1
- openSUSE 13.2 (x86_64):
libtiff-devel-32bit-4.0.7-10.35.1
libtiff5-32bit-4.0.7-10.35.1
libtiff5-debuginfo-32bit-4.0.7-10.35.1
https://www.suse.com/security/cve/CVE-2014-8127.html
https://www.suse.com/security/cve/CVE-2015-7554.html
https://www.suse.com/security/cve/CVE-2015-8665.html
https://www.suse.com/security/cve/CVE-2015-8683.html
https://www.suse.com/security/cve/CVE-2016-3622.html
https://www.suse.com/security/cve/CVE-2016-3658.html
https://www.suse.com/security/cve/CVE-2016-5321.html
https://www.suse.com/security/cve/CVE-2016-5323.html
https://www.suse.com/security/cve/CVE-2016-5652.html
https://www.suse.com/security/cve/CVE-2016-5875.html
https://www.suse.com/security/cve/CVE-2016-9273.html
https://www.suse.com/security/cve/CVE-2016-9297.html
https://www.suse.com/security/cve/CVE-2016-9448.html
https://www.suse.com/security/cve/CVE-2016-9453.html
https://bugzilla.suse.com/1007280
https://bugzilla.suse.com/1010161
https://bugzilla.suse.com/1010163
https://bugzilla.suse.com/1011103
https://bugzilla.suse.com/1011107
https://bugzilla.suse.com/914890
https://bugzilla.suse.com/974449
https://bugzilla.suse.com/974840
https://bug...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.