   SUSE Security Update: Security update for tiff
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:1835-1
Rating:             moderate
References:         #1007276 #1011839 #1011846 #1017689 #1017690 
                    #1019611 #1031263 #1082332 #1082825 #1086408 
                    #974621 
Cross-References:   CVE-2014-8128 CVE-2015-7554 CVE-2016-10095
                    CVE-2016-10266 CVE-2016-3632 CVE-2016-5318
                    CVE-2016-8331 CVE-2016-9535 CVE-2016-9540
                    CVE-2017-11613 CVE-2017-5225 CVE-2018-7456
                    CVE-2018-8905
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11-SP4
                    SUSE Linux Enterprise Server 11-SP4
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that fixes 13 vulnerabilities is now available.

Description:

   This update for tiff fixes the following security issues:

   - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that
     could have caused DoS or code execution via a crafted BitsPerSample
     value (bsc#1019611)
   - CVE-2018-7456: Prevent a NULL Pointer dereference in the function
     TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF
     information, a different vulnerability than CVE-2017-18013 (bsc#1082825)
   - CVE-2017-11613: Prevent denial of service in the TIFFOpen function.
     During the TIFFOpen process, td_imagelength is not checked. The value of
     td_imagelength can be directly controlled by an input file. In the
     ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is
     called based on td_imagelength. If the value of td_imagelength is set
     close to the amount of system memory, it will hang the system or trigger
     the OOM killer (bsc#1082332)
   - CVE-2016-10266: Prevent remote attackers to cause a denial of service
     (divide-by-zero error and application crash) via a crafted TIFF image,
     related to libtiff/tif_read.c:351:22 (bsc#1031263)
   - CVE-2018-8905: Prevent heap-based buffer overflow in the function
     LZWDecodeCompat via a crafted TIFF file (bsc#1086408)
   - CVE-2016-9540: Prevent out-of-bounds write on tiled images with odd tile
     width versus image width (bsc#1011839).
   - CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could
     have lead to assertion failures in debug mode, or buffer overflows in
     release mode, when dealing with unusual tile size like YCbCr with
     subsampling (bsc#1011846).
   - CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could
     have lead to assertion failures in debug mode, or buffer overflows in
     release mode, when dealing with unusual tile size like YCbCr with
     subsampling (bsc#1011846).
   - Removed assert in readSeparateTilesIntoBuffer() function (bsc#1017689).
   - CVE-2016-10095: Prevent stack-based buffer overflow in the
     _TIFFVGetField function that allowed remote attackers to cause a denial
     of service (crash) via a crafted TIFF file (bsc#1017690).
   - CVE-2016-8331: Prevent remote code execution because of incorrect
     handling of TIFF images. A crafted TIFF document could have lead to a
     type confusion vulnerability resulting in remote code execution. This
     vulnerability could have been be triggered via a TIFF file delivered to
     the application using LibTIFF's tag extension functionality
     (bsc#1007276).
   - CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to
     cause a denial of service (out-of-bounds write) or execute arbitrary
     code via a crafted TIFF image (bsc#974621).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11-SP4:

      zypper in -t patch sdksp4-tiff-13683=1

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-tiff-13683=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:

      zypper in -t patch dbgsp4-tiff-13683=1



Package List:

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      libtiff-devel-3.8.2-141.169.9.1

   - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64):

      libtiff-devel-32bit-3.8.2-141.169.9.1

   - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      libtiff3-3.8.2-141.169.9.1
      tiff-3.8.2-141.169.9.1

   - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64):

      libtiff3-32bit-3.8.2-141.169.9.1

   - SUSE Linux Enterprise Server 11-SP4 (ia64):

      libtiff3-x86-3.8.2-141.169.9.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):

      tiff-debuginfo-3.8.2-141.169.9.1
      tiff-debugsource-3.8.2-141.169.9.1


References:

   https://www.suse.com/security/cve/CVE-2014-8128.html
   https://www.suse.com/security/cve/CVE-2015-7554.html
   https://www.suse.com/security/cve/CVE-2016-10095.html
   https://www.suse.com/security/cve/CVE-2016-10266.html
   https://www.suse.com/security/cve/CVE-2016-3632.html
   https://www.suse.com/security/cve/CVE-2016-5318.html
   https://www.suse.com/security/cve/CVE-2016-8331.html
   https://www.suse.com/security/cve/CVE-2016-9535.html
   https://www.suse.com/security/cve/CVE-2016-9540.html
   https://www.suse.com/security/cve/CVE-2017-11613.html
   https://www.suse.com/security/cve/CVE-2017-5225.html
   https://www.suse.com/security/cve/CVE-2018-7456.html
   https://www.suse.com/security/cve/CVE-2018-8905.html
   https://bugzilla.suse.com/1007276
   https://bugzilla.suse.com/1011839
   https://bugzilla.suse.com/1011846
   https://bugzilla.suse.com/1017689
   https://bugzilla.suse.com/1017690
   https://bugzilla.suse.com/1019611
   https://bugzilla.suse.com/1031263
   https://bugzilla.suse.com/1082332
   https://bugzilla.suse.com/1082825
   https://bugzilla.suse.com/1086408
   https://bugzilla.suse.com/974621

SUSE: 2018:1835-1 moderate: tiff

June 28, 2018

An update that fixes 13 vulnerabilities is now available

Summary

This update for tiff fixes the following security issues: - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value (bsc#1019611) - CVE-2018-7456: Prevent a NULL Pointer dereference in the function TIFFPrintDirectory when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013 (bsc#1082825) - CVE-2017-11613: Prevent denial of service in the TIFFOpen function. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If the value of td_imagelength is set close to the amount of system memory, it will hang the system or trigger the OOM killer (bsc#1082332) - CVE-2016-10266: Prevent remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22 (bsc#1031263) - CVE-2018-8905: Prevent heap-based buffer overflow in the function LZWDecodeCompat via a crafted TIFF file (bsc#1086408) - CVE-2016-9540: Prevent out-of-bounds write on tiled images with odd tile width versus image width (bsc#1011839). - CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846). - CVE-2016-9535: tif_predict.h and tif_predict.c had assertions that could have lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling (bsc#1011846). - Removed assert in readSeparateTilesIntoBuffer() function (bsc#1017689). - CVE-2016-10095: Prevent stack-based buffer overflow in the _TIFFVGetField function that allowed remote attackers to cause a denial of service (crash) via a crafted TIFF file (bsc#1017690). - CVE-2016-8331: Prevent remote code execution because of incorrect handling of TIFF images. A crafted TIFF document could have lead to a type confusion vulnerability resulting in remote code execution. This vulnerability could have been be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality (bsc#1007276). - CVE-2016-3632: The _TIFFVGetField function allowed remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image (bsc#974621). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-tiff-13683=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-tiff-13683=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-tiff-13683=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtiff-devel-3.8.2-141.169.9.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libtiff-devel-32bit-3.8.2-141.169.9.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtiff3-3.8.2-141.169.9.1 tiff-3.8.2-141.169.9.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libtiff3-32bit-3.8.2-141.169.9.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libtiff3-x86-3.8.2-141.169.9.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): tiff-debuginfo-3.8.2-141.169.9.1 tiff-debugsource-3.8.2-141.169.9.1

References

#1007276 #1011839 #1011846 #1017689 #1017690

#1019611 #1031263 #1082332 #1082825 #1086408

#974621

Cross- CVE-2014-8128 CVE-2015-7554 CVE-2016-10095

CVE-2016-10266 CVE-2016-3632 CVE-2016-5318

CVE-2016-8331 CVE-2016-9535 CVE-2016-9540

CVE-2017-11613 CVE-2017-5225 CVE-2018-7456

CVE-2018-8905

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2014-8128.html

https://www.suse.com/security/cve/CVE-2015-7554.html

https://www.suse.com/security/cve/CVE-2016-10095.html

https://www.suse.com/security/cve/CVE-2016-10266.html

https://www.suse.com/security/cve/CVE-2016-3632.html

https://www.suse.com/security/cve/CVE-2016-5318.html

https://www.suse.com/security/cve/CVE-2016-8331.html

https://www.suse.com/security/cve/CVE-2016-9535.html

https://www.suse.com/security/cve/CVE-2016-9540.html

https://www.suse.com/security/cve/CVE-2017-11613.html

https://www.suse.com/security/cve/CVE-2017-5225.html

https://www.suse.com/security/cve/CVE-2018-7456.html

https://www.suse.com/security/cve/CVE-2018-8905.html

https://bugzilla.suse.com/1007276

https://bugzilla.suse.com/1011839

https://bugzilla.suse.com/1011846

https://bugzilla.suse.com/1017689

https://bugzilla.suse.com/1017690

https://bugzilla.suse.com/1019611

https://bugzilla.suse.com/1031263

https://bugzilla.suse.com/1082332

https://bugzilla.suse.com/1082825

https://bugzilla.suse.com/1086408

https://bugzilla.suse.com/974621

Severity

Announcement ID: SUSE-SU-2018:1835-1

Rating: moderate

What Are You Looking For?

SUSE: 2018:1835-1 moderate: tiff

Summary

References

Security Highlights from KubeCon + CloudNativeCon 2023

Kubernetes Security on AWS: A Practical Guide

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

Cloud Security Basics for Small Businesses

Scanning and Defending Networks with Nmap

CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

What Are You Looking For?

SUSE: 2018:1835-1 moderate: tiff

Summary

References

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By