This update for tiff fixes the following issues: These security issues were fixed :

  - CVE-2017-18013: There was a NULL pointer Dereference in     the tif_print.c TIFFPrintDirectory function, as     demonstrated by a tiffinfo crash. (bsc#1074317)

  - CVE-2018-10963: The TIFFWriteDirectorySec() function in     tif_dirwrite.c allowed remote attackers to cause a     denial of service (assertion failure and application     crash) via a crafted file, a different vulnerability     than CVE-2017-13726. (bsc#1092949)

  - CVE-2018-7456: Prevent a NULL pointer dereference in the     function TIFFPrintDirectory when using the tiffinfo tool     to print crafted TIFF information, a different     vulnerability than CVE-2017-18013 (bsc#1082825)

  - CVE-2017-11613: Prevent denial of service in the     TIFFOpen function. During the TIFFOpen process,     td_imagelength is not checked. The value of     td_imagelength can be directly controlled by an input     file. In the ChopUpSingleUncompressedStrip function, the
    _TIFFCheckMalloc function is called based on     td_imagelength. If the value of td_imagelength is set     close to the amount of system memory, it will hang the     system or trigger the OOM killer (bsc#1082332)

  - CVE-2018-8905: Prevent heap-based buffer overflow in the     function LZWDecodeCompat via a crafted TIFF file     (bsc#1086408)

  - CVE-2016-8331: Prevent remote code execution because of     incorrect handling of TIFF images. A crafted TIFF     document could have lead to a type confusion     vulnerability resulting in remote code execution. This     vulnerability could have been be triggered via a TIFF     file delivered to the application using LibTIFF's tag     extension functionality (bsc#1007276)

  - CVE-2016-3632: The _TIFFVGetField function allowed     remote attackers to cause a denial of service     (out-of-bounds write) or execute arbitrary code via a     crafted TIFF image (bsc#974621)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Detections

Analytics

SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2018:1826-1)

high Nessus Plugin ID 110763

Version 1.9