Explore top 10 tips to secure your open-source projects now. Read More
×
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672). - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257). - CVE-2017-9147: Fixed invalid read in the _TIFFVGetField function in tif_dir.c, that allowed remote attackers to cause a DoS via acrafted TIFF file (bsc#1040322). - CVE-2017-9117: Fixed BMP images processing that was verified without biWidth and biHeight values (bsc#1040080). - CVE-2017-17942: Fixed issue in the function PackBitsEncode that could have led to a heap overflow and caused a DoS (bsc#1074186). - CVE-2016-9273: Fixed heap-based buffer overflow issue (bsc#1010163).
#1010163 #1014461 #1040080 #1040322 #1074186
#1099257 #1113672 #974446 #974447 #974448
#983440
Cross- CVE-2015-8870 CVE-2016-3619 CVE-2016-3620
CVE-2016-3621 CVE-2016-5319 CVE-2016-9273
CVE-2017-17942 CVE-2017-9117 CVE-2017-9147
CVE-2018-12900 CVE-2018-18661
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
https://www.suse.com/security/cve/CVE-2015-8870.html
https://www.suse.com/security/cve/CVE-2016-3619.html
https://www.suse.com/security/cve/CVE-2016-3620.html
https://www.suse.com/security/cve/CVE-2016-3621.html
https://www.suse.com/security/cve/CVE-2016-5319.html
https://www.suse.com/security/cve/CVE-2016-9273.html
Get the latest Linux and open source security news straight to your inbox.