Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2019:3058-1 Moderate Security Update for TIFF Buffer Overflow

suse
Calendar Grey November 25, 2019
Dist Suse Esm H88
SUSE Security Notice for JPG addresses 7 vulnerabilities. Notification ID: SUSE-SU-2020:4152-1 rated as important.
An update that fixes 5 vulnerabilities is now available

Summary

This update for tiff fixes the following issues: Security issues fixed: - CVE-2019-14973: Fixed an improper check which was depended on the compiler which could have led to integer overflow (bsc#1146608). - CVE-2016-5102: Fixed a buffer overflow in readgifimage() (bsc#983268) - CVE-2018-17000: Fixed a NULL pointer dereference in the _TIFFmemcmp function (bsc#1108606). - CVE-2019-6128: Fixed a memory leak in the TIFFFdOpen function in tif_unix.c (bsc#1121626). - CVE-2019-7663: Fixed an invalid address dereference in the TIFFWriteDirectoryTagTransfer function in libtiff/tif_dirwrite.c (bsc#1125113) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory moderate buffer overflow tiff SUSE Linux Enterprise

References

#1108606 #1121626 #1125113 #1146608 #983268

Cross- CVE-2016-5102 CVE-2018-17000 CVE-2019-14973

CVE-2019-6128 CVE-2019-7663

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Desktop 12-SP4

https://www.suse.com/security/cve/CVE-2016-5102.html

https://www.suse.com/security/cve/CVE-2018-17000.html

https://www.suse.com/security/cve/CVE-2019-14973.html

https://www.suse.com/security/cve/CVE-2019-6128.html

https://www.suse.com/security/cve/CVE-2019-7663.html

https://bugzilla.suse.com/1108606

https://bugzilla.suse.com/1121626

https://bugzilla.suse.com/1125113

Announcement ID: SUSE-SU-2019:3058-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate buffer overflow tiff SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here