Summary: | <media-libs/tiff-4.0.9-r4: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes crash | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | Flags: | stable-bot:
sanity-check+
|
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://bugzilla.maptools.org/show_bug.cgi?id=2770 | ||
See Also: | http://bugzilla.maptools.org/show_bug.cgi?id=2770 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
media-libs/tiff-4.0.9-r4
|
Runtime testing required: | --- |
Description
Ian Zimmerman
2018-01-28 17:48:53 UTC
Fix: https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 Not yet released. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=afb651b9908c9fd2d24a8e347e152bc195b486bc commit afb651b9908c9fd2d24a8e347e152bc195b486bc Author: Mike Frysinger <vapier@chromium.org> AuthorDate: 2018-05-29 01:02:58 +0000 Commit: Mike Frysinger <vapier@gentoo.org> CommitDate: 2018-05-29 01:03:54 +0000 media-libs/tiff: add upstream fix for CVE-2017-18013 #645982 Bug: https://bugs.gentoo.org/645982 .../tiff/files/tiff-4.0.9-CVE-2017-18013.patch | 39 +++++++++++ media-libs/tiff/tiff-4.0.9-r4.ebuild | 81 ++++++++++++++++++++++ 2 files changed, 120 insertions(+) If no one else is doing it... ppc/ppc64 stable arm64 stable amd64 stable ia64 stable sparc done. x86 stable hppa stable arm stable Stable on alpha. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebfefcea0f35de57a889f1f8dd6b50e8f4d61d7e commit ebfefcea0f35de57a889f1f8dd6b50e8f4d61d7e Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-10-20 12:28:03 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-10-20 15:26:19 +0000 media-libs/tiff: Security cleanup Bug: https://bugs.gentoo.org/645982 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 media-libs/tiff/tiff-4.0.9-r3.ebuild | 80 ------------------------------------ 1 file changed, 80 deletions(-) |