| Summary: | <media-libs/tiff-4.0.9-r3: uncontrolled resource consumption in TIFFSetDirectory function in tif_dir.c | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | graphics+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://bugzilla.maptools.org/show_bug.cgi?id=2772 | ||
| See Also: |
https://github.com/gentoo/gentoo/pull/7237 http://bugzilla.maptools.org/show_bug.cgi?id=2772 |
||
| Whiteboard: | A4 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
GLSAMaker/CVETool Bot
2018-01-25 16:19:36 UTC
Upstream fix: https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef PR: https://github.com/gentoo/gentoo/pull/7237 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5f874c2b8cbbdb0eb013c1543ef3aaddbe67903 commit b5f874c2b8cbbdb0eb013c1543ef3aaddbe67903 Author: Michael Vetter <jubalh@iodoru.org> AuthorDate: 2018-02-20 14:18:53 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2018-02-20 14:29:48 +0000 media-libs/tiff: Fix CVE-2018-5784 Patch is upstream commit: https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef Bug: https://bugs.gentoo.org/645730 Package-Manager: Portage-2.3.19, Repoman-2.3.6 Closes: https://github.com/gentoo/gentoo/pull/7237 .../tiff/files/tiff-4.0.9-CVE-2018-5784.patch | 128 +++++++++++++++++++++ media-libs/tiff/tiff-4.0.9-r3.ebuild | 84 ++++++++++++++ 2 files changed, 212 insertions(+)} GLSA Vote: No tree is clean |