| Revision Date: | 2018-12-06 | Version: | 1 |
| Title: | Security update for tiff (Moderate) |
| Description: |
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257). - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672). - CVE-2018-18557: Fixed JBIG decode can lead to out-of-bounds write (bsc#1113094).
Non-security issues fixed:
- asan_build: build ASAN included - debug_build: build more suitable for debugging
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1099257
1113094
1113672
CVE-2018-12900
CVE-2018-18557
CVE-2018-18661
SUSE-SU-2018:3911-2
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
| Product(s): | |
| Definition Synopsis |
| Release Information SUSE Linux Enterprise Server 12 SP4 is installed
AND
libtiff5-4.0.9-44.27.1 is installed
OR libtiff5-32bit-4.0.9-44.27.1 is installed
OR tiff-4.0.9-44.27.1 is installed
OR Package Information
SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
AND
libtiff5-4.0.9-44.27.1 is installed
OR libtiff5-32bit-4.0.9-44.27.1 is installed
OR tiff-4.0.9-44.27.1 is installed
|