Summary: | <media-libs/tiff-4.0.4: Out-of-bounds reads followed by a crash in bmp2tiff (CVE-2014-9330) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1177893 | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-12-31 15:27:58 UTC
CVE-2014-9330 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9330): Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read. Maintainers this was addressed by RedHat in version libtiff-3.9.4-18. We do not have that version in the tree the lowest being: 3.9.7-r1 Please confirm that this does not apply to the packages so that we can close this bug if this is not an issue. This was fixed upstream in 4.0.4beta. No history on whether that particular version landed in the tree so adjusting summary to match upstream changes. Tree has a proper fixed version that is already stable. http://libtiff.maptools.org/v4.0.4beta.html This issue was resolved and addressed in GLSA 201701-16 at https://security.gentoo.org/glsa/201701-16 by GLSA coordinator Thomas Deutschmann (whissi). |