SUSE-SU-2018:1472-1: moderate: Security update for tiff
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Wed May 30 07:13:25 MDT 2018
SUSE Security Update: Security update for tiff
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1472-1
Rating: moderate
References: #1017694 #1031250 #1031254 #1033109 #1033111
#1033112 #1033113 #1033120 #1033126 #1033127
#1033129 #1074317 #984808 #984809 #984831
#987351
Cross-References: CVE-2016-10267 CVE-2016-10269 CVE-2016-10270
CVE-2016-5314 CVE-2016-5315 CVE-2017-18013
CVE-2017-7593 CVE-2017-7595 CVE-2017-7596
CVE-2017-7597 CVE-2017-7599 CVE-2017-7600
CVE-2017-7601 CVE-2017-7602
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves 14 vulnerabilities and has two fixes
is now available.
Description:
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote
attackers to cause a denial of service (out-of-bounds read) via a
crafted tiff image. (bsc#984809)
- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of
service (divide-by-zero error and application crash) via a crafted TIFF
image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)
- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of
service (heap-based buffer over-read) or possibly have unspecified other
impact via a crafted TIFF image, related to "READ of size 512" and
libtiff/tif_unix.c:340:2. (bsc#1031254)
- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of
service (heap-based buffer over-read) or possibly have unspecified other
impact via a crafted TIFF image, related to "READ of size 8" and
libtiff/tif_read.c:523:22. (bsc#1031250)
- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the
tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo
crash. (bsc#1074317)
- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly
initialized, which might have allowed remote attackers to obtain
sensitive information from process memory via a crafted image.
(bsc#1033129)
- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed
remote attackers to cause a denial of service (divide-by-zero error and
application crash) via a crafted image. (bsc#1033127)
- CVE-2017-7596: LibTIFF had an "outside the range of representable values
of type float" undefined behavior issue, which might have allowed remote
attackers to cause a denial of service (application crash) or possibly
have unspecified other impact via a crafted image. (bsc#1033126)
- CVE-2017-7597: tif_dirread.c had an "outside the range of representable
values of type float" undefined behavior issue, which might have allowed
remote attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a crafted image.
(bsc#1033120)
- CVE-2017-7599: LibTIFF had an "outside the range of representable values
of type short" undefined behavior issue, which might have allowed remote
attackers to cause a denial of service (application crash) or possibly
have unspecified other impact via a crafted image. (bsc#1033113)
- CVE-2017-7600: LibTIFF had an "outside the range of representable values
of type unsigned char" undefined behavior issue, which might have
allowed remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a crafted image.
(bsc#1033112)
- CVE-2017-7601: LibTIFF had a "shift exponent too large for 64-bit type
long" undefined behavior issue, which might have allowed remote
attackers to cause a denial of service (application crash) or possibly
have unspecified other impact via a crafted image. (bsc#1033111)
- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have
allowed remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a crafted image.
(bsc#1033109)
- Multiple divide by zero issues
- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in
tif_pixarlog.c allowed remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via a
crafted TIFF image, as demonstrated by overwriting the vgetparent
function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-tiff-13631=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-tiff-13631=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-tiff-13631=1
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):
libtiff-devel-3.8.2-141.169.6.1
- SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64):
libtiff-devel-32bit-3.8.2-141.169.6.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
libtiff3-3.8.2-141.169.6.1
tiff-3.8.2-141.169.6.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64):
libtiff3-32bit-3.8.2-141.169.6.1
- SUSE Linux Enterprise Server 11-SP4 (ia64):
libtiff3-x86-3.8.2-141.169.6.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
tiff-debuginfo-3.8.2-141.169.6.1
tiff-debugsource-3.8.2-141.169.6.1
References:
https://www.suse.com/security/cve/CVE-2016-10267.html
https://www.suse.com/security/cve/CVE-2016-10269.html
https://www.suse.com/security/cve/CVE-2016-10270.html
https://www.suse.com/security/cve/CVE-2016-5314.html
https://www.suse.com/security/cve/CVE-2016-5315.html
https://www.suse.com/security/cve/CVE-2017-18013.html
https://www.suse.com/security/cve/CVE-2017-7593.html
https://www.suse.com/security/cve/CVE-2017-7595.html
https://www.suse.com/security/cve/CVE-2017-7596.html
https://www.suse.com/security/cve/CVE-2017-7597.html
https://www.suse.com/security/cve/CVE-2017-7599.html
https://www.suse.com/security/cve/CVE-2017-7600.html
https://www.suse.com/security/cve/CVE-2017-7601.html
https://www.suse.com/security/cve/CVE-2017-7602.html
https://bugzilla.suse.com/1017694
https://bugzilla.suse.com/1031250
https://bugzilla.suse.com/1031254
https://bugzilla.suse.com/1033109
https://bugzilla.suse.com/1033111
https://bugzilla.suse.com/1033112
https://bugzilla.suse.com/1033113
https://bugzilla.suse.com/1033120
https://bugzilla.suse.com/1033126
https://bugzilla.suse.com/1033127
https://bugzilla.suse.com/1033129
https://bugzilla.suse.com/1074317
https://bugzilla.suse.com/984808
https://bugzilla.suse.com/984809
https://bugzilla.suse.com/984831
https://bugzilla.suse.com/987351
More information about the sle-updates
mailing list