Download
| Alert*
oval:org.secpod.oval:def:3300966
SUSE Security Update: Security update for tiff oval:org.secpod.oval:def:89047966 This update for tiff fixes the following issues: - CVE-2022-3597: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c . - CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c . - CVE-2022-3626: Fixed out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c - ... oval:org.secpod.oval:def:89047967 This update for tiff fixes the following issues: - CVE-2022-3597: Fixed out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c . - CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in tools/tiffcrop.c . - CVE-2022-3626: Fixed out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c - ... oval:org.secpod.oval:def:2107833 Oracle Solaris 11 - ( CVE-2022-3597 ) oval:org.secpod.oval:def:2600214 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. oval:org.secpod.oval:def:1506671 [4.4.0-7] - Fix CVE-2022-3970 - Resolves: CVE-2022-3970 [4.4.0-6] - Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 - Resolves: CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 oval:org.secpod.oval:def:507649 The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: * libtiff: heap Buffer overflows in tiffcrop.c * libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix * libtiff: out-of-bounds write in extractContigSamplesShifted24bits i ... oval:org.secpod.oval:def:1701545 LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b71 ... oval:org.secpod.oval:def:89334 Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format library and tools, which may cause denial of service when processing a crafted TIFF image. oval:org.secpod.oval:def:610364 Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format library and tools, which may cause denial of service when processing a crafted TIFF image. |