Oval Definition:oval:org.opensuse.security:def:119217
Revision Date:2022-05-30Version:1
Title:Security update for tiff (Important)
Description:

This update for tiff fixes the following issues:

- CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964). - CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965). - CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc (bsc#1197066). - CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197072). - CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073). - CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() (bsc#1197074). - CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197631). - CVE-2022-0891: Fixed heap buffer overflow in extractImageSection (bsc#1197068).
Family:unixClass:patch
Status:Reference(s):1195964
1195965
1197066
1197068
1197072
1197073
1197074
1197631
CVE-2022-0561
CVE-2022-0562
CVE-2022-0865
CVE-2022-0891
CVE-2022-0908
CVE-2022-0909
CVE-2022-0924
CVE-2022-1056
SUSE-SU-2022:1882-1
Platform(s):SUSE Linux Enterprise Server 15 SP2-BCL
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP2-BCL is installed
  • AND Package Information
  • libtiff-devel-4.0.9-150000.45.8.1 is installed
  • OR libtiff5-4.0.9-150000.45.8.1 is installed
  • OR libtiff5-32bit-4.0.9-150000.45.8.1 is installed
    • BACK